GeneralTechnologyThe iReportTrending

An iOS 11 Camera vulnerability could lead you to dangerous websites

Recently, a new iOS 11 bugs related to the native Camera application was discovered. Using it to scan a QR code, the application can make us open an unwanted link.

Starting with iOS 11 you can directly use the native Camera application to scan QR codes. By framing one of these codes through the Camera, we will be able to open the web addresses associated with them. Unfortunately, because of this bug in iOS 11, the application could provide us with an incorrect link and let us visit another website.

When the Camera application recognizes the hidden web address in the QR code, it asks for permission from the user to visit the website. Through the newly discovered bug, a user received a consent request to visit http://facebook.com but found himself on a company’s private site. This is possible by entering the following code

 https: // xxx \ @ facebook.com: 443@infosec.rm-it.de/

where instead of the “xxx” the desired address must be put. In this way, the Camera will request permission for  http://facebook.com  but will access directly to the site indicated by the user. You can also try this simple QR Code below:

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.