A vulnerability classified as critical was found in TOTOLINK CPE CP900 6.3c.1144_B20190715. Affected by this vulnerability is the function
CloudSrvUserdataVersionCheck
. The manipulation of the argument magicid leads to command injection.
This vulnerability is known as CVE-2025-44837. The attack can be launched remotely. There is no exploit available.