CVE-2026-34473: Pre-auth ZTE H-series router DoS via CGILua request
Source: Reddit
Published:
<p>Disclosure: this is my own research/writeup. I reported this ZTE H-series router DoS in 2024; it is now public as CVE-2026-34473 . The writeup focuses on the root cause rather than just the symptom. The issue is not simply “large POST body kills the UI.” Firmware analysis maps the behavior to CGI