not exploits of the OS, but I've used this to exploit web applications quite a bit. Tricks like these get your past a lot of input filters or validation logic. This allows me to trick these apps into making HTTP requests to internal or private IPs/hosts.
As an example, think of a cloud based web performance monitoring system. I trick it into making HTTP requests to 169.254.169.254, and I get access to data from their AWS metadata service...
Yep. Skipped this part (not at "he desktop RN) but honestly this is more in 'check what you accept' and input data validation|sanitation. Still a valid target for an exploit but you really need a bunch of things ('web performance monitoring system') to happen before you can have a meaningful usage (if at all) from these exploits.
As an example, think of a cloud based web performance monitoring system. I trick it into making HTTP requests to 169.254.169.254, and I get access to data from their AWS metadata service...