The affected product is vulnerable to an integer underflow. An unauthenticated attacker could send a malformed HTTP request, which could allow the attacker to crash the program.

The affected product is vulnerable to a command injection. An unauthenticated attacker could send commands through a malicious HTTP request which could result in remote code execution.

The affected product is vulnerable to a stack-based buffer overflow. An unauthenticated attacker could send a malicious HTTP request that the webserver fails to properly check input size before copying data to the stack, potentially allowing remote code execution.