This tweet discusses a security issue involving the Vercel Web Application Firewall (WAF). A vulnerability triggered by a '1 dupe' payload initially appeared to be patched by Vercel's WAF, which blocked the attack. However, the tweet reports that with the WAF's bypass option enabled, the same or a similar payload got past the WAF again: basic payloads did not work, but the bypass option let the attacker through. The case suggests that although Vercel's WAF attempted to mitigate the vulnerability, certain configuration or bypass options can still permit exploitation, and it underlines the importance of carefully configuring and continuously monitoring WAF settings, especially in managed solutions such as Vercel's. The tweet gives no further technical detail on the exact payload or bypass method, but it shows that 'duplicate' or repeated attack types can still pose a risk when bypass options are enabled, even after an initial patch.
For more details, check out the original tweet here: https://twitter.com/broken_link420/status/1997665935675502956