This is about some kind of firewall appliance that proxies http connections to devices on the inside. I didn’t examine the attack in detail but it sounds like it’s possible to modify unencrypted http cookies to enumerate device on the inside. Some kind of reflection attack? Or is the firewall creating it’s own cookes that are malleable? Anyway the post is legit but most of us aren’t using these.