A vulnerability classified as critical was found in TOTOLINK CPE CP900 6.3c.1144_B20190715. Affected by this vulnerability is the function CloudSrvUserdataVersionCheck. The manipulation of the argument magicid leads to command injection.

This vulnerability is known as CVE-2025-44837. The attack can be launched remotely. There is no exploit available.