Examples of bypassing the Vercel WAF via parser differential
⚔️ Attack Techniques & Methods · 2026-05-13, 11:42
Hacktron presented the results of the Vercel React2Shell Challenge — a program where Vercel rewarded unique WAF bypasses enabling exploitation of React2Shell. Some techniques relied on differences between how HTTP requests were parsed by the WAF and by the backend application.
Examples include duplicate boundary parameters in multipart/form-data, non-UTF-8 bytes in headers, charset=utf16le inside multipart parts, and spaces appended after the final boundary marker. In all cases, the WAF and backend parsed the same request differently: the WAF either stopped inspecting the body or failed to decode it correctly, while the backend successfully processed the payload. These discrepancies allowed malicious requests to bypass filtering and reach the vulnerable application logic.