A command injection bypass was discovered that exploits the WAF by using the payload '`cat /et$()c/pa's'swd`'. This bypass can affect various WAF vendors. To protect against this bypass, ensure proper input validation and sanitization. For more technical details, check out our blog post.
For more insights, check out the original tweet here: https://twitter.com/0x0_mdshakib/status/1895181780740907116