UTF-8 Overlong Encoding Payload can be used to bypass WAF protection. This payload contains different byte sequences (%C0%AE, %E0%80%AE, %F0%80%80%AE) that can be used to evade WAF detection. It is important for WAF vendors to update their rules to detect and block such overlong encoding bypasses. More details can be found at https://t.co/h92xwBBb78
UTF-8 Overlong Encoding Payload for #bypass waf #bugbounty
– 2bytes?%C0%AE
– 3bytes?%E0%80%AE
– 4bytes?%F0%80%80%AE pic.twitter.com/h92xwBBb78— siri@fu4k1 (@sirifu4k1) March 6, 2024