CVE-2026-0791

Name of the Vulnerable Software and Affected Versions ALGO 8180 IP Audio Alerter (affected versions not specified)

Description A flaw exists in the handling of the Replaces header within SIP INVITE requests. The issue stems from insufficient validation of the length of user-supplied data before copying it into a fixed-length stack-based buffer. This allows a remote attacker to execute arbitrary code on affected devices without authentication. The vulnerability is related to the SIP INVITE request and the Replaces header.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.