Cross Site Scripting vulnerability in TOTOLINK X2000R before v1.0.0-B20231213.1013 allows a remote attacker to execute arbitrary code via the Guest Access Control parameter in the Wireless Page.
The product does not properly handle when the expected number of parameters, fields, or arguments is not provided in input, or if those parameters are undefined.