The tweet describes a SQL injection (SQLi) vulnerability that was not complex. The WAF bypass relied on a favicon hash to find the origin IP; the request was then saved from Burp Suite and parsed with sqlmap. The WAF vendor is unknown.
Original tweet: https://twitter.com/papjm__/status/1798768778588852488
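A bypass of this kind shows up on the origin as requests whose TCP peer is not the WAF. The check below is an added example, not code from the tweet: it scans an origin access log for such requests, and the WAF egress ranges, log format, and sample lines are constructed assumptions.

```python
import ipaddress
import re

# Assumption: ranges the WAF uses to reach the origin (constructed, documentation address space).
WAF_EGRESS = [ipaddress.ip_network(c) for c in ("198.51.100.0/24", "2001:db8:100::/48")]

# Assumption: combined log format, written by the origin web server itself,
# so the first field is the real TCP peer and not a forwarded header.
LOG_RE = re.compile(
    r'^(?P<peer>\S+) \S+ \S+ \[[^\]]+\] "(?P<req>[^"]*)" \d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

# Constructed sample lines; the last one is deliberately malformed.
SAMPLE_LOG = """\
198.51.100.7 - - [01/Jan/2024:10:00:01 +0000] "GET /favicon.ico HTTP/1.1" 200 1150 "-" "Mozilla/5.0"
203.0.113.45 - - [01/Jan/2024:10:02:13 +0000] "GET /favicon.ico HTTP/1.1" 200 1150 "-" "curl/8.5.0"
203.0.113.45 - - [01/Jan/2024:10:05:40 +0000] "GET /item?id=1 HTTP/1.1" 200 512 "-" "sqlmap/1.8#stable (https://sqlmap.org)"
198.51.100.9 - - [01/Jan/2024:10:06:02 +0000] "GET /item?id=2 HTTP/1.1" 200 530 "-" "Mozilla/5.0"
not a log line
"""

def from_waf(peer):
    """True if the TCP peer address belongs to a known WAF egress range."""
    try:
        addr = ipaddress.ip_address(peer)
    except ValueError:
        return False
    return any(addr.version == net.version and addr in net for net in WAF_EGRESS)

def direct_origin_hits(lines):
    """Return (hits, unparsed): requests that reached the origin without the WAF."""
    hits, unparsed = [], 0
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m:
            unparsed += 1  # count instead of dropping: unparsed lines are blind spots
            continue
        if not from_waf(m["peer"]):
            hits.append({"peer": m["peer"], "request": m["req"],
                         "sqlmap_ua": "sqlmap" in m["ua"].lower()})
    return hits, unparsed

if __name__ == "__main__":
    hits, unparsed = direct_origin_hits(SAMPLE_LOG.splitlines())
    for h in hits:
        print(h)
    print("unparsed lines:", unparsed)
```

The same range list serves as a firewall allow-list on the origin, which stops direct requests from reaching it at all instead of only reporting them.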