A SQL injection (SQLi) vulnerability bypassing a Web Application Firewall (WAF) using a JSON-based payload targeting the PUT method in a popular multi-platform media center has been discovered. This bypass allows an attacker to evade the WAF protection and execute SQL injection attacks. For more technical details, check out the blog post on this WAF bypass.
Check out the original tweet here: https://twitter.com/coffinxp7/status/1846002994862489977