The tweet does not provide enough information to analyze the WAF bypass. More details such as the type of vulnerability, bypass payload, and WAF vendor are needed for a proper analysis.
For more insights, check out the original tweet here: https://twitter.com/shakedko/status/1766873675788063116