CVE-2023-36177 | THREATINT

Description

An issue was discovered in badaix Snapcast version 0.27.0, allows remote attackers to execute arbitrary code and gain sensitive information via crafted request in JSON-RPC-API.

PUBLISHED Reserved 2023-06-21 | Published 2024-01-23 | Updated 2025-11-03 | Assigner mitre

References

snapcast.com

oxnan.com/posts/Snapcast_jsonrpc_rce

lists.debian.org/debian-lts-announce/2025/07/msg00015.html

snapcast.com

oxnan.com/posts/Snapcast_jsonrpc_rce

cve.org (CVE-2023-36177)

nvd.nist.gov (CVE-2023-36177)

Download JSON