diff --git a/ActiveSync/NSString+ActiveSync.m b/ActiveSync/NSString+ActiveSync.m
index 1cfdd9c7b..a6f8f4e2a 100644
--- a/ActiveSync/NSString+ActiveSync.m
+++ b/ActiveSync/NSString+ActiveSync.m
@@ -151,6 +151,10 @@ static NSArray *easCommandParameters = nil; const char* qs_bytes; queryString = [[components objectAtIndex: 0] dataByDecodingBase64]; + + if (![queryString length]) + return nil; + + qs_bytes = (const char*)[queryString bytes]; return [NSString stringWithFormat:@"%.1f", (float)((uint8_t)qs_bytes[0]/10)];
@@ -199,6 +203,11 @@ static NSArray *easCommandParameters = nil; // Command code, 1 byte, ie.: cmd= cmd_code = qs_bytes[1]; + + // Check whether the command code is within the known range. + if (cmd_code < 0 || cmd_code > 22) + return nil; + + [components addObject: [NSString stringWithFormat: @"cmd=%@", [easCommandCodes objectAtIndex: cmd_code]]]; // Device ID length and Device ID (variable)
diff --git a/ActiveSync/SOGoActiveSyncDispatcher.m b/ActiveSync/SOGoActiveSyncDispatcher.m
index 34bafdd2c..f56e51fb9 100644
--- a/ActiveSync/SOGoActiveSyncDispatcher.m
+++ b/ActiveSync/SOGoActiveSyncDispatcher.m
@@ -3971,6 +3971,14 @@ void handle_eas_terminate(int signum) // Get the device ID, device type and "stash" them deviceId = [[theRequest uri] deviceId]; + + if ([deviceId isEqualToString: @"Unknown"]) + { + [(WOResponse *)theResponse setStatus: 500]; + [self logWithFormat: @"EAS - No device id provided, ignoring request."]; + return nil; + } + + [context setObject: deviceId forKey: @"DeviceId"]; [context setObject: [[theRequest uri] deviceType] forKey: @"DeviceType"]; [context setObject: [[theRequest uri] attachmentName] forKey: @"AttachmentName"];
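Review bot: In the first hunk of NSString+ActiveSync.m, the version expression right after the new empty-data guard, `(float)((uint8_t)qs_bytes[0]/10)`, divides as integers before the cast, so the tenths digit is always lost (a byte of 141 would format as "14.0"). If the byte encodes the protocol version times ten, as the `%.1f` format suggests, a float divisor keeps it: `(uint8_t)qs_bytes[0] / 10.0f`. The new `return nil` also hands callers a nil version string when the Base64 payload decodes to nothing. The method starts and its callers sit outside this hunk, so confirm they tolerate nil rather than storing it in a collection or comparing against it.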
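Review bot: In the second hunk of NSString+ActiveSync.m, the bound `cmd_code > 22` hard-codes the size of `easCommandCodes`, so the guard and the table can drift apart; tying it to the array keeps `objectAtIndex:` in range: `if (cmd_code < 0 || cmd_code >= (int)[easCommandCodes count]) return nil;`. The read of `qs_bytes[1]` just before the check needs at least two decoded bytes, and no length test is visible in this hunk. The function starts outside the hunk, so confirm one exists, since these bytes come straight from the request's query string. The device-ID length field that the trailing comment says is parsed next (not visible here) should likewise be checked against the remaining buffer length before it is used as a read size.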
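Review bot: The new check in SOGoActiveSyncDispatcher.m matches only the literal sentinel `@"Unknown"`, so a nil or empty `deviceId` would pass it and reach `[context setObject: deviceId forKey: @"DeviceId"]`. Whether `-deviceId` can return nil is not visible here, but the parser hunks in this same commit add `return nil` paths, so covering both is cheap: `if (![deviceId length] || [deviceId isEqualToString: @"Unknown"])`. A request without a device id is a malformed client request, so status 400 would describe it better than 500 and keep it out of server-error alerting. The log line would be more useful for spotting repeated malformed requests if it also recorded the request's source. The enclosing method starts and ends outside this hunk.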