The Sysdig Threat Research Team recently discovered a vulnerability in AWS WAF that allowed bypassing its defenses using an automated WAF fuzzer. Although the vulnerability has been fixed, this incident highlights the importance of regular cybersecurity testing and the use of multiple defense layers. The full proof of concept can be found here: [link to the proof of concept].
For more insights, check out the original tweet here: https://twitter.com/KoppeDavid/status/1752775288855855228