Firmware 2.2.0(1) has a restriction where the incoming request header cannot be more than 2048 bytes long. Typical request headers are way less than 2048 bytes. It’s possible whatever script you are using to send the request is imposing a long header. You can check that.
I am not sure what
does. It seems to call cv with only a password but no other parameter.