I discovered an HTTP smuggling issue with ambiguous Content-Length handling that allowed me to bypass the proxy server's WAF. This led to Denial of Service (DOS) and potential rate limit/bypass issues due to non-compliance with RFC standards. Check out the full technical details in my blog post.
For more details, check out the original tweet here: https://twitter.com/Banditz_0x/status/1868189208273379725