CVE-2025-69674

Buffer Overflow vulnerability in CDATA FD614GS3-R850 V3.2.7_P161006 (Build.0333.250211) allows an attacker to execute arbitrary code via the node_mac, node_opt, opt_param, and domainblk parameters of the mesh_node_config and domiainblk_config modules

CVSS v3 6.4 MEDIUM

6.4^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.5 / Impact : 5.9

Attack Vector ADJACENT_NETWORK

Attack Complexity HIGH

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://gist.github.com/GiladK113/8d61bebccc3d75440c6b0b7b9961df96
https://www.cdatatec.com/products/fd614gs3-r850.html

Configurations

No configuration.

History

25 Feb 2026, 21:16

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~8.8~~	v2 : unknown v3 : 6.4

25 Feb 2026, 15:20

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~9.8~~	v2 : unknown v3 : 8.8
Summary		(es) Vulnerabilidad de desbordamiento de búfer en CDATA FD614GS3-R850 V3.2.7_P161006 (Build.0333.250211) permite a un atacante ejecutar código arbitrario a través de los parámetros node_mac, node_opt, opt_param y domainblk de los módulos mesh_node_config y domiainblk_config.

23 Feb 2026, 14:16

Type	Values Removed	Values Added
CWE		CWE-120
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 9.8

19 Feb 2026, 17:24

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-02-19 17:24

Updated : 2026-04-15 00:35

NVD link : CVE-2025-69674

Mitre link : CVE-2025-69674

CVE.ORG link : CVE-2025-69674

JSON object : View

Products Affected

No product.

CWE

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

6.4 /10