Loading
Embedthis Appweb before 4.6.6 and 5.x before 5.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a Range header with an empty value, as demonstrated by "Range: x=,".
Use CWE-476, Oracle vendor hub and Enterprise Communications Broker product page to widen CVE-2014-9708 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2021-3711, CVE-2021-23017 and CVE-2021-3712 for nearby disclosures in the same product family.