- Products
- Learn
- Local User Groups
- Partners
- More
Hi,
if you have R82 and Zero Phishing active on a gateway (I know, not the most common setup), you may run into a problem I just had.
An iPhone or an iPad updated to IOS 18.4 will no longer be able to connect to a WIFI that is secured by a firewall described above.
The culprit in this case: Zero Phishing:
curl http://captive.apple.com/`
[HTML>[HEAD>[TITLE>Success[/TITLE>[/HEAD><BODY><script nonce="***">var zphInj="***"[/script>[script nonce="***" src='http://zero-phishing.iaas.checkpoint.com/zph/token_generator.php?api_key={***}' crossorigin>[/script>[script nonce="***" src='https://zerophishing.iaas.checkpoint.com/3/zp.js?api_key={***}' defer crossorigin>[/script>Success[/BODY>[/HTML>
(info: replaced all "<" by "[" to be able to post)
Prior to IOS 18.4, my iPhone had no problem with that reply, but with IOS 18.4 it hangs with this screen:
It no longer recognizes the "SUCCESS" due to the SCRIPT-Tag from Zero Phishing.
I don't need a solution, disabling the blade was a quick fix. I know how to create exceptions.
But I guess this will hit several people who don't know what hit them. As the update on IOS triggers this, I looked in Apple's direction first (and not completely wrong to do so). I opened an SR to give CP a heads up as I will not be the last one to stumble over this.
JHF was 12 in my case.
Yours, Martin
