An unauthenticated remote attacker can exploit a denial-of-service vulnerability in the devices web server functionality by sending a specially crafted HTTP request with a malicious header, potentially causing the server to crash or become unresponsive.
The product’s resource pool is not large enough to handle peak demand, which allows an attacker to prevent others from accessing the resource by using a (relatively) large number of requests for resources.