[+] PHP vulnerability checks
==> PHP script vulnerabilities (progpilot)
[+] Found 11 vulnerabilities in php file: /www/public/svm.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 1 vulnerabilities in php file: /www/public/sdcard/cpt/app/lang.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 13 vulnerabilities in php file: /www/public/netconf.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 9 vulnerabilities in php file: /www/public/helper.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 4 vulnerabilities in php file: /www/public/sdcard/cpt/dashboard/file_uploader.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 9 vulnerabilities in php file: /www/public/advanced.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 4 vulnerabilities in php file: /www/public/sdcard/cpt/app/debug_controller.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 8 vulnerabilities in php file: /www/public/sdcard/cpt/app/grdata.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 4 vulnerabilities in php file: /www/public/sdcard/cpt/app/base_controller.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 5 vulnerabilities in php file: /www/public/sdcard/cpt/app/settings_controller.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 12 vulnerabilities in php file: /www/public/sdcard/cpt/app/data_exporter.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 5 vulnerabilities in php file: /www/public/network.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 5 vulnerabilities in php file: /www/public/sdcard/cpt/app/auth_key_controller.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 4 vulnerabilities in php file: /www/public/sdcard/cpt/app/permission.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 4 vulnerabilities in php file: /www/public/sdcard/cpt/dashboard/permission_controller.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 5 vulnerabilities in php file: /www/public/utility.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 4 vulnerabilities in php file: /www/public/sedona.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 1 vulnerabilities in php file: /www/public/sdcard/cpt/plugins/ServiceConfig/openvpn_controller.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 20 vulnerabilities in php file: /www/public/sdcard/cpt/app/utility.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 1 vulnerabilities in php file: /www/public/sdcard/cpt/app/mail/class.smtp.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 5 vulnerabilities in php file: /www/public/sdcard/cpt/app/graphic.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 5 vulnerabilities in php file: /www/public/wifi.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 14 vulnerabilities in php file: /www/public/sdcard/cpt/app/sql_query.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 7 vulnerabilities in php file: /www/public/sdcard/cpt/app/upgrade_firmware.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 2 vulnerabilities in php file: /www/public/sdcard/cpt/plugins/ServiceConfig/file_upload.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 1 vulnerabilities in php file: /www/public/bacnet.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 4 vulnerabilities in php file: /www/public/scan.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 5 vulnerabilities in php file: /www/public/sdcard/cpt/app/os_account_management.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 10 vulnerabilities in php file: /www/public/firmware.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 9 vulnerabilities in php file: /www/public/sdcard/cpt/dashboard/index.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 4 vulnerabilities in php file: /www/public/sdcard/cpt/app/account_management.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 35 vulnerabilities in php file: /www/public/configuration.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 4 vulnerabilities in php file: /www/public/sdcard/cpt/app/profile.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 1 vulnerabilities in php file: /www/public/sdcard/cpt/app/utils.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 4 vulnerabilities in php file: /www/public/sdcard/cpt/app/service_config.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 4 vulnerabilities in php file: /www/public/check_login.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 2 vulnerabilities in php file: /www/public/sdcard/cpt/plugins/LogoConfig/file_upload.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 2 vulnerabilities in php file: /www/public/sdcard/cpt/app/landing_page.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 2 vulnerabilities in php file: /www/public/sdcard/cpt/app/mail/mail_controller.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 4 vulnerabilities in php file: /www/public/sdcard/cpt/app/signout.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 4 vulnerabilities in php file: /www/public/sdcard/cpt/app/signin.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 7 vulnerabilities in php file: /www/public/sdcard/cpt/app/note_controller.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 8 vulnerabilities in php file: /www/public/sdcard/cpt/app/data_api.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 17 vulnerabilities in php file: /www/public/sdcard/phpliteadmin.php (-rw-r--r-- root root) (common linux file: no)
[+] Found 289 vulnerabilities in 91 php files.
==> PHP script vulnerabilities - semgrep
[+] Found 133 issues (121 vulnerabilites) in 98 php files
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.backticks-use in firmware.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.backticks-use in firmware.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.backticks-use in index.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.backticks-use in index.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.backticks-use in service_config.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.backticks-use in service_config.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.backticks-use in service_config.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.backticks-use in service_config.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.backticks-use in service_config.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.exec-use in bacnet.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.exec-use in bacnet.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.exec-use in data_formatters.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.exec-use in mail_controller.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.exec-use in os_account_management.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.exec-use in os_account_management.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.exec-use in utils.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.exec-use in data_utility.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.exec-use in index.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.exec-use in index.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.exec-use in network_config.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.exec-use in network_config.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.exec-use in network_config.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.exec-use in network_config.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.exec-use in network_config.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.exec-use in network_config.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.exec-use in openvpn_controller.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.exec-use in openvpn_controller.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.exec-use in openvpn_controller.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.exec-use in service_control.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.exec-use in service_control.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.exec-use in service_control.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.exec-use in service_control.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.exec-use in bacnet.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.exec-use in bacnet.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.exec-use in os_info.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.file-inclusion in utils.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.file-inclusion in utils.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.file-inclusion in utils.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.injection.tainted-filename in grdata.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.injection.tainted-filename in grdata.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.injection.tainted-filename in mail_controller.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.injection.tainted-filename in note_controller.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.injection.tainted-filename in note_controller.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.injection.tainted-filename in utility.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.injection.tainted-filename in utility.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.injection.tainted-filename in utility.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.injection.tainted-filename in utility.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.injection.tainted-filename in utils.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.injection.tainted-filename in utils.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.injection.tainted-filename in utils.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.injection.tainted-filename in utils.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.injection.tainted-filename in utils.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.injection.tainted-filename in phpliteadmin.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.injection.tainted-filename in phpliteadmin.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.injection.tainted-filename in phpliteadmin.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.injection.tainted-filename in phpliteadmin.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.injection.tainted-sql-string in account_management.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.injection.tainted-sql-string in dashboard.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.injection.tainted-sql-string in data_exporter.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.injection.tainted-sql-string in data_exporter.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.injection.tainted-sql-string in index.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.injection.tainted-sql-string in phpliteadmin.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.injection.tainted-sql-string in phpliteadmin.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.injection.tainted-sql-string in phpliteadmin.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.injection.tainted-sql-string in phpliteadmin.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.injection.tainted-sql-string in phpliteadmin.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.injection.tainted-sql-string in phpliteadmin.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.injection.tainted-sql-string in phpliteadmin.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.injection.tainted-sql-string in phpliteadmin.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.mcrypt-use in phpliteadmin.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.non-literal-header in base_controller.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.non-literal-header in base_controller.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.non-literal-header in base_controller.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.non-literal-header in base_controller.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.non-literal-header in data_formatters.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.non-literal-header in data_formatters.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.non-literal-header in data_formatters.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.non-literal-header in mail_controller.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.non-literal-header in utility.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.non-literal-header in utility.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.non-literal-header in openvpn_controller.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.non-literal-header in openvpn_controller.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.non-literal-header in phpliteadmin.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.non-literal-header in phpliteadmin.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.non-literal-header in phpliteadmin.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.non-literal-header in phpliteadmin.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.non-literal-header in phpliteadmin.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.php-ssrf in phpliteadmin.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.phpinfo-use in debug_controller.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.unlink-use in firmware.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.unlink-use in class.phpmailer.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.unlink-use in class.phpmailer.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.unlink-use in class.phpmailer.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.unlink-use in class.phpmailer.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.unlink-use in migration.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.unlink-use in utility.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.unlink-use in utils.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.unlink-use in file_uploader.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.unlink-use in file_manager.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.unlink-use in logo_utility.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.unlink-use in file_manager.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.unlink-use in deployment.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.unlink-use in phpliteadmin.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.weak-crypto in db.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.weak-crypto in db.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.weak-crypto in db.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.weak-crypto in db.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.weak-crypto in db.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.weak-crypto in class.phpmailer.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.weak-crypto in class.phpmailer.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.weak-crypto in class.phpmailer.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.weak-crypto in class.phpmailer.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.weak-crypto in class.phpmailer.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.weak-crypto in class.smtp.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.weak-crypto in class.smtp.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.weak-crypto in utils.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.weak-crypto in phpliteadmin.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.lang.security.weak-crypto in phpliteadmin.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.symfony.security.audit.symfony-non-literal-redirect in base_controller.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.symfony.security.audit.symfony-non-literal-redirect in base_controller.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.symfony.security.audit.symfony-non-literal-redirect in graphic.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.symfony.security.audit.symfony-non-literal-redirect in graphic.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.symfony.security.audit.symfony-non-literal-redirect in landing_page.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.symfony.security.audit.symfony-non-literal-redirect in signin.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.symfony.security.audit.symfony-non-literal-redirect in signout.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.symfony.security.audit.symfony-non-literal-redirect in utility.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.symfony.security.audit.symfony-non-literal-redirect in index.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.symfony.security.audit.symfony-non-literal-redirect in index.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.symfony.security.audit.symfony-non-literal-redirect in openvpn_controller.php
[+] Found possible PHP vulnerability external.semgrep-rules.php.symfony.security.audit.symfony-non-literal-redirect in utility.php
==> PHP configuration checks (php.ini)
FAIL | WARNING | | | session.cookie_domain | It is recommended that you set the default domain for cookies.
FAIL | ERROR | 5.2.0 | 1 | session.cookie_httponly | Setting session cookies to 'http only' makes them only readable by the browser
FAIL | WARNING | | | session.hash_function | Weak hashing algorithms in use. Rather use one of these: sha224, sha256, sha384, sha512/224, sha512/256, sha512, sha3-224, sha3-256, sha3-384, sha3-512, ripemd128, ripemd160, ripemd256, ripemd320, whirlpool, tiger128,3, tiger160,3, tiger192,3, tiger128,4, tiger160,4, tiger192,4, snefru256, gost-crypto, adler32, crc32, crc32b, crc32c, fnv132, fnv1a32, fnv164, fnv1a64, joaat, murmur3a, murmur3c, murmur3f, xxh32, xxh64, xxh3, xxh128, haval128,3, haval160,3, haval192,3, haval224,3, haval256,3, haval128,4, haval160,4, haval192,4, haval224,4, haval256,4, haval128,5, haval160,5, haval192,5, haval224,5, haval256,5
FAIL | WARNING | | | session.save_path | Custom path not set, default (/tmp) is world writeable
FAIL | ERROR | 4.0.4 | 1 | session.cookie_secure | Cookie secure specifies whether cookies should only be sent over secure connections.
FAIL | WARNING | 5.5.2 | 1 | session.use_strict_mode | Strict mode prevents uninitialized session IDs in the built-in session handling.
FAIL | INFO | | PHPSESSID | session.name | Renaming the session cookie to something other than the default can make it more difficult to detect if a user's cookies are hijacked
FAIL | ERROR | 4.0.3 | 0 | allow_url_fopen | Do not allow the opening of remote file resources ('Off' recommended)
FAIL | WARNING | | 1 | expose_php | Showing the PHP signature exposes additional information
FAIL | WARNING | | | post_max_size | Unless necessary, a maximum post size of 14M is too large
FAIL | WARNING | | | open_basedir | Restricting PHP's access to the file system to a certain directory prevents file-based attacks in unauthorized areas.
FAIL | WARNING | | 2M | upload_max_filesize | The max upload size should not be too high, to prevent server overload from large requests
FAIL | WARNING | | 8M | post_max_size | The max upload size should not be too high, to prevent server overload from large requests
PASS | WARNING | | 128M | memory_limit | The standard memory limit should not be too high, if you need more memory for a single script you can adjust that during runtime using ini_set()
FAIL | WARNING | | | disable_functions | Methods still enabled - exec, passthru, shell_exec, system, proc_open, popen, curl_exec, curl_multi_exec
FAIL | WARNING | | | soap.wsdl_cache_dir | The SOAP WSDL cache directory is inside of "/tmp/" which allows local users to conduct WSDL injection attacks (CVE-2013-6501)
[+] Found 16 PHP configuration issues in php config file : /etc/php.ini (-rw-r--r-- root root)
==> PHPinfo file detection
[+] Found php file with debugging information: /logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/debug_controller.php
protected function doGet() {
phpinfo();
}
}
