EMBA firmware report

┌─────────────┐

│ Scan Status │

└─────────────┘

  Scanning 2048 files tracked by git with 57 Code rules:

  Scanning 98 files with 40 php rules.

<?xml version="1.0" ?>

<testsuites disabled="0" errors="0" failures="133" tests="133" time="0.0">

	<testsuite disabled="0" errors="0" failures="133" name="semgrep results" skipped="0" tests="133" time="0">

		<testcase name="external.semgrep-rules.php.symfony.security.audit.symfony-non-literal-redirect" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/base_controller.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/base_controller.php" line="218">

			<failure type="WARNING" message="The `redirect()` method does not check its destination in any way. If you redirect to a URL provided by end-users, your application may be open to the unvalidated redirects security vulnerability. Consider using literal values or an allowlist to validate URLs.">        $this-&gt;redirect($this-&gtakeUrl('app/signin.php'));

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.symfony.security.audit.symfony-non-literal-redirect" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/base_controller.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/base_controller.php" line="387">

			<failure type="WARNING" message="The `redirect()` method does not check its destination in any way. If you redirect to a URL provided by end-users, your application may be open to the unvalidated redirects security vulnerability. Consider using literal values or an allowlist to validate URLs.">      $this-&gt;redirect($this-&gtakeUrl('app/landing_page.php?permission_error=1'));

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.symfony.security.audit.symfony-non-literal-redirect" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/graphic.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/graphic.php" line="25">

			<failure type="WARNING" message="The `redirect()` method does not check its destination in any way. If you redirect to a URL provided by end-users, your application may be open to the unvalidated redirects security vulnerability. Consider using literal values or an allowlist to validate URLs.">      $this-&gt;redirect($this-&gtakeUrl(&quot;dashboard/index.php&quot;));

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.symfony.security.audit.symfony-non-literal-redirect" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/graphic.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/graphic.php" line="27">

			<failure type="WARNING" message="The `redirect()` method does not check its destination in any way. If you redirect to a URL provided by end-users, your application may be open to the unvalidated redirects security vulnerability. Consider using literal values or an allowlist to validate URLs.">      $this-&gt;redirect($this-&gtakeUrl(&quot;app/landing_page.php&quot;));

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.symfony.security.audit.symfony-non-literal-redirect" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/landing_page.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/landing_page.php" line="14">

			<failure type="WARNING" message="The `redirect()` method does not check its destination in any way. If you redirect to a URL provided by end-users, your application may be open to the unvalidated redirects security vulnerability. Consider using literal values or an allowlist to validate URLs.">        $this-&gt;redirect($this-&gt;userHomePage());

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.symfony.security.audit.symfony-non-literal-redirect" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/signin.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/signin.php" line="11">

			<failure type="WARNING" message="The `redirect()` method does not check its destination in any way. If you redirect to a URL provided by end-users, your application may be open to the unvalidated redirects security vulnerability. Consider using literal values or an allowlist to validate URLs.">      $this-&gt;redirect($this-&gtakeUrl(&quot;app/graphic.php&quot;));

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.symfony.security.audit.symfony-non-literal-redirect" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/signout.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/signout.php" line="16">

			<failure type="WARNING" message="The `redirect()` method does not check its destination in any way. If you redirect to a URL provided by end-users, your application may be open to the unvalidated redirects security vulnerability. Consider using literal values or an allowlist to validate URLs.">    $this-&gt;redirect($this-&gtakeUrl('app/signin.php'));

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.symfony.security.audit.symfony-non-literal-redirect" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utility.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utility.php" line="88">

			<failure type="WARNING" message="The `redirect()` method does not check its destination in any way. If you redirect to a URL provided by end-users, your application may be open to the unvalidated redirects security vulnerability. Consider using literal values or an allowlist to validate URLs.">    $this-&gt;redirect($this-&gtakeUrl(&quot;../phpliteadmin.php&quot;));

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.symfony.security.audit.symfony-non-literal-redirect" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/dashboard/index.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/dashboard/index.php" line="17">

			<failure type="WARNING" message="The `redirect()` method does not check its destination in any way. If you redirect to a URL provided by end-users, your application may be open to the unvalidated redirects security vulnerability. Consider using literal values or an allowlist to validate URLs.">        $this-&gt;redirect($this-&gtakeUrl('dashboard/index.php'));

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.symfony.security.audit.symfony-non-literal-redirect" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/dashboard/index.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/dashboard/index.php" line="150">

			<failure type="WARNING" message="The `redirect()` method does not check its destination in any way. If you redirect to a URL provided by end-users, your application may be open to the unvalidated redirects security vulnerability. Consider using literal values or an allowlist to validate URLs.">        $this-&gt;redirect($this-&gtakeUrl('dashboard/index.php?dashboard_id='.$id));

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.symfony.security.audit.symfony-non-literal-redirect" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/ServiceConfig/openvpn_controller.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/ServiceConfig/openvpn_controller.php" line="182">

			<failure type="WARNING" message="The `redirect()` method does not check its destination in any way. If you redirect to a URL provided by end-users, your application may be open to the unvalidated redirects security vulnerability. Consider using literal values or an allowlist to validate URLs.">    $this-&gt;redirect($url);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.symfony.security.audit.symfony-non-literal-redirect" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/utility.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/utility.php" line="34">

			<failure type="WARNING" message="The `redirect()` method does not check its destination in any way. If you redirect to a URL provided by end-users, your application may be open to the unvalidated redirects security vulnerability. Consider using literal values or an allowlist to validate URLs.">      $this-&gt;redirect($this-&gtakeUrl(&quot;app/signin.php&quot;));

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.weak-crypto" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/db.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/db.php" line="267">

			<failure type="ERROR" message="Detected usage of weak crypto function. Consider using stronger alternatives.">      $checksum = sha1($password . $this-&gt;attr('salt'));

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.weak-crypto" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/db.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/db.php" line="272">

			<failure type="ERROR" message="Detected usage of weak crypto function. Consider using stronger alternatives.">      $checksum = sha1($this-&gt;attr('checksum') . $authRand);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.weak-crypto" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/db.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/db.php" line="277">

			<failure type="ERROR" message="Detected usage of weak crypto function. Consider using stronger alternatives.">      $checksum = sha1($password . $this-&gt;attr('salt'));

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.weak-crypto" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/db.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/db.php" line="303">

			<failure type="ERROR" message="Detected usage of weak crypto function. Consider using stronger alternatives.">      $checksum = sha1($password . $salt);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.weak-crypto" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/db.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/db.php" line="328">

			<failure type="ERROR" message="Detected usage of weak crypto function. Consider using stronger alternatives.">      return sha1($password . $salt);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.weak-crypto" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/mail/class.phpmailer.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/mail/class.phpmailer.php" line="2091">

			<failure type="ERROR" message="Detected usage of weak crypto function. Consider using stronger alternatives.">        $this-&gt;uniqueid = md5(uniqid(time()));

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.weak-crypto" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/mail/class.phpmailer.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/mail/class.phpmailer.php" line="2469">

			<failure type="ERROR" message="Detected usage of weak crypto function. Consider using stronger alternatives.">                $inclhash = md5(serialize($attachment));

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.weak-crypto" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/mail/class.phpmailer.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/mail/class.phpmailer.php" line="3292">

			<failure type="ERROR" message="Detected usage of weak crypto function. Consider using stronger alternatives.">                    $cid = md5($url) . '@phpmailer.0'; // RFC2392 S 2

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.weak-crypto" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/mail/class.phpmailer.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/mail/class.phpmailer.php" line="3308">

			<failure type="ERROR" message="Detected usage of weak crypto function. Consider using stronger alternatives.">                    $cid = md5($url) . '@phpmailer.0'; // RFC2392 S 2

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.weak-crypto" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/mail/class.phpmailer.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/mail/class.phpmailer.php" line="3753">

			<failure type="ERROR" message="Detected usage of weak crypto function. Consider using stronger alternatives.">        $DKIMb64 = base64_encode(pack('H*', sha1($body))); // Base64 of packed binary SHA-1 hash of body

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.weak-crypto" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/mail/class.smtp.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/mail/class.smtp.php" line="548">

			<failure type="ERROR" message="Detected usage of weak crypto function. Consider using stronger alternatives.">            $key = pack('H*', md5($key));

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.weak-crypto" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/mail/class.smtp.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/mail/class.smtp.php" line="556">

			<failure type="ERROR" message="Detected usage of weak crypto function. Consider using stronger alternatives.">        return md5($k_opad . pack('H*', md5($k_ipad . $data)));

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.weak-crypto" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utils.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utils.php" line="13">

			<failure type="ERROR" message="Detected usage of weak crypto function. Consider using stronger alternatives.">  return sha1($password . $salt);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.weak-crypto" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" line="4272">

			<failure type="ERROR" message="Detected usage of weak crypto function. Consider using stronger alternatives.">      $this-&gt;system_password_encrypted = sha1(SYSTEMPASSWORD.$_SESSION[COOKIENAME.'_salt']);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.weak-crypto" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" line="4288">

			<failure type="ERROR" message="Detected usage of weak crypto function. Consider using stronger alternatives.">      $is_pass_ok = sha1($password . $cpt_password_salt) == $cpt_password_checksum;

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.php-ssrf" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" line="961">

			<failure type="ERROR" message="The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. Dangerous function readfile with payload $_GET['download']">		readfile($_GET['download']);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.phpinfo-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/debug_controller.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/debug_controller.php" line="13">

			<failure type="ERROR" message="The 'phpinfo' function may reveal sensitive information about your environment.">    phpinfo();

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.backticks-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/firmware.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/firmware.php" line="72">

			<failure type="ERROR" message="Backticks use may lead to command injection vulnerabilities.">    `rm -rf /tmp/firmware`;

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.backticks-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/firmware.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/firmware.php" line="73">

			<failure type="ERROR" message="Backticks use may lead to command injection vulnerabilities.">    `mkdir /tmp/firmware`;

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.backticks-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/DataServiceConfig/index.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/DataServiceConfig/index.php" line="51">

			<failure type="ERROR" message="Backticks use may lead to command injection vulnerabilities.">          `[ -e /usr/bin/monit ] &amp;&amp; /usr/bin/monit restart mqtt-service || /etc/init.d/S91mqtt-service restart`;

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.backticks-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/DataServiceConfig/index.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/DataServiceConfig/index.php" line="53">

			<failure type="ERROR" message="Backticks use may lead to command injection vulnerabilities.">          `[ -e /usr/bin/monit ] &amp;&amp; /usr/bin/monit restart mqtt-service || /etc/init.d/mqtt-service restart`;

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.backticks-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/ServiceConfig/service_config.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/ServiceConfig/service_config.php" line="27">

			<failure type="ERROR" message="Backticks use may lead to command injection vulnerabilities.">    $output = rtrim(`(cd $certs_dir &amp;&amp; ln -nsf uploaded live &amp;&amp; nginx -q -t &amp;&amp; echo OK) || echo ERROR`);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.backticks-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/ServiceConfig/service_config.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/ServiceConfig/service_config.php" line="30">

			<failure type="ERROR" message="Backticks use may lead to command injection vulnerabilities.">      $output = rtrim(`(cd $certs_dir &amp;&amp; mkdir -p prod &amp;&amp; mv uploaded/cert uploaded/key prod/ &amp;&amp; ln -nsf prod live &amp;&amp; nginx -s reload &amp;&amp; echo OK) || echo ERROR`);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.backticks-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/ServiceConfig/service_config.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/ServiceConfig/service_config.php" line="34">

			<failure type="ERROR" message="Backticks use may lead to command injection vulnerabilities.">        `cd $certs_dir &amp;&amp; ln -nsf default live &amp;&amp; nginx -s reload`;

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.backticks-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/ServiceConfig/service_config.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/ServiceConfig/service_config.php" line="38">

			<failure type="ERROR" message="Backticks use may lead to command injection vulnerabilities.">      `cd $certs_dir &amp;&amp; ln -nsf $restore_to live`;

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.backticks-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/ServiceConfig/service_config.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/ServiceConfig/service_config.php" line="80">

			<failure type="ERROR" message="Backticks use may lead to command injection vulnerabilities.">      $content = `cd $certs_dir &amp;&amp; tar -cf - cert key`;

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.exec-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/bacnet.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/bacnet.php" line="30">

			<failure type="ERROR" message="Executing non-constant commands. This can lead to command injection.">      exec($cmd, $output);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.exec-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/bacnet.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/bacnet.php" line="56">

			<failure type="ERROR" message="Executing non-constant commands. This can lead to command injection.">      exec($cmd, $output);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.exec-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/data_formatters.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/data_formatters.php" line="54">

			<failure type="ERROR" message="Executing non-constant commands. This can lead to command injection.">        exec(escapeshellcmd($cmd));

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.exec-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/mail/mail_controller.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/mail/mail_controller.php" line="117">

			<failure type="ERROR" message="Executing non-constant commands. This can lead to command injection.">        execCmd('kill -HUP ' . $pid);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.exec-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/os_account_management.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/os_account_management.php" line="69">

			<failure type="ERROR" message="Executing non-constant commands. This can lead to command injection.">    exec(&quot;id ${account}&quot;, $output, $return_val);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.exec-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/os_account_management.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/os_account_management.php" line="94">

			<failure type="ERROR" message="Executing non-constant commands. This can lead to command injection.">    exec($shell_cmd, $output, $return_val);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.exec-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utils.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utils.php" line="933">

			<failure type="ERROR" message="Executing non-constant commands. This can lead to command injection.">  exec(escapeshellcmd($cmd));

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.exec-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/DataServiceConfig/data_utility.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/DataServiceConfig/data_utility.php" line="37">

			<failure type="ERROR" message="Executing non-constant commands. This can lead to command injection.">    execCmd('ln -sf ' . $confFile . ' /etc/mqtt-service.json');

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.exec-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/DataServiceConfig/index.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/DataServiceConfig/index.php" line="47">

			<failure type="ERROR" message="Executing non-constant commands. This can lead to command injection.">        execCmd('ln -sf '.$filename.' /etc/mqtt-service.json');

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.exec-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/DataServiceConfig/index.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/DataServiceConfig/index.php" line="77">

			<failure type="ERROR" message="Executing non-constant commands. This can lead to command injection.">    $last_line = exec($cmd, $output, $return);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.exec-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/NetworkConfig/network_config.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/NetworkConfig/network_config.php" line="23">

			<failure type="ERROR" message="Executing non-constant commands. This can lead to command injection.">    exec($cmd, $output, $return_var);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.exec-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/NetworkConfig/network_config.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/NetworkConfig/network_config.php" line="339">

			<failure type="ERROR" message="Executing non-constant commands. This can lead to command injection.">    exec($cmd, $output, $return_var);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.exec-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/NetworkConfig/network_config.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/NetworkConfig/network_config.php" line="345">

			<failure type="ERROR" message="Executing non-constant commands. This can lead to command injection.">    shell_exec(&quot;echo &quot; . escapeshellarg($hostname) . &quot; &gt; /etc/hostname&quot;);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.exec-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/NetworkConfig/network_config.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/NetworkConfig/network_config.php" line="369">

			<failure type="ERROR" message="Executing non-constant commands. This can lead to command injection.">    exec($cmd, $output, $return_var);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.exec-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/NetworkConfig/network_config.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/NetworkConfig/network_config.php" line="398">

			<failure type="ERROR" message="Executing non-constant commands. This can lead to command injection.">    exec($cmd, $output, $return_var);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.exec-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/NetworkConfig/network_config.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/NetworkConfig/network_config.php" line="441">

			<failure type="ERROR" message="Executing non-constant commands. This can lead to command injection.">    exec($cmd, $output, $return_var);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.exec-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/ServiceConfig/openvpn_controller.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/ServiceConfig/openvpn_controller.php" line="110">

			<failure type="ERROR" message="Executing non-constant commands. This can lead to command injection.">    $output = shell_exec('cd /etc/openvpn &amp;&amp; easyrsa --batch init-pki &amp;&amp; easyrsa --batch --req-cn=&quot;' . escapeshellarg($common_name) . '&quot; --days=3650 build-ca nopass &amp;&amp; openssl dhparam -dsaparam -out pki/dh.pem 2048 &amp;&amp; openvpn --genkey --secret ta.key &amp;&amp; echo &quot;SUCCESS&quot;');

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.exec-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/ServiceConfig/openvpn_controller.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/ServiceConfig/openvpn_controller.php" line="131">

			<failure type="ERROR" message="Executing non-constant commands. This can lead to command injection.">    $output = shell_exec('cd /etc/openvpn &amp;&amp; easyrsa --batch --days=3650 build-server-full ' . escapeshellarg($common_name) .' nopass &amp;&amp; echo &quot;SUCCESS&quot;');

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.exec-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/ServiceConfig/openvpn_controller.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/ServiceConfig/openvpn_controller.php" line="174">

			<failure type="ERROR" message="Executing non-constant commands. This can lead to command injection.">    $output = shell_exec('cd /etc/openvpn &amp;&amp; easyrsa --batch --days=3650 build-client-full ' . escapeshellarg($common_name) . ' nopass &amp;&amp; echo &quot;SUCCESS&quot;');

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.exec-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/ServiceControl/service_control.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/ServiceControl/service_control.php" line="101">

			<failure type="ERROR" message="Executing non-constant commands. This can lead to command injection.">    return !is_null(shell_exec($cmd));

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.exec-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/ServiceControl/service_control.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/ServiceControl/service_control.php" line="122">

			<failure type="ERROR" message="Executing non-constant commands. This can lead to command injection.">    return !is_null(shell_exec($cmd));

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.exec-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/ServiceControl/service_control.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/ServiceControl/service_control.php" line="158">

			<failure type="ERROR" message="Executing non-constant commands. This can lead to command injection.">    shell_exec($cmd);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.exec-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/ServiceControl/service_control.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/ServiceControl/service_control.php" line="191">

			<failure type="ERROR" message="Executing non-constant commands. This can lead to command injection.">      shell_exec($cmd);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.exec-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/scripts/bacnet.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/scripts/bacnet.php" line="30">

			<failure type="ERROR" message="Executing non-constant commands. This can lead to command injection.">      exec($cmd, $output);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.exec-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/scripts/bacnet.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/scripts/bacnet.php" line="56">

			<failure type="ERROR" message="Executing non-constant commands. This can lead to command injection.">      exec($cmd, $output);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.exec-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/scripts/os_info.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/scripts/os_info.php" line="35">

			<failure type="ERROR" message="Executing non-constant commands. This can lead to command injection.">    exec('rm -rf ' . $widgetPath . '/*');

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.mcrypt-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" line="454">

			<failure type="ERROR" message="Mcrypt functionality has been deprecated and/or removed in recent PHP versions. Consider using Sodium or OpenSSL.">		$_SESSION['token'] = bin2hex(mcrypt_create_iv(32, MCRYPT_DEV_URANDOM));

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.non-literal-header" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/base_controller.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/base_controller.php" line="120">

			<failure type="WARNING" message="Using user input when setting headers with `header()` is potentially dangerous. This could allow an attacker to inject a new line and add a new header into the response. This is called HTTP response splitting. To fix, do not allow whitespace inside `header()`: '[^\s]+'.">        header('Location: ' . $url, true, $permanent ? 301 : 302);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.non-literal-header" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/base_controller.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/base_controller.php" line="139">

			<failure type="WARNING" message="Using user input when setting headers with `header()` is potentially dangerous. This could allow an attacker to inject a new line and add a new header into the response. This is called HTTP response splitting. To fix, do not allow whitespace inside `header()`: '[^\s]+'.">    header(&quot;Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}&quot;);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.non-literal-header" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/base_controller.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/base_controller.php" line="360">

			<failure type="WARNING" message="Using user input when setting headers with `header()` is potentially dangerous. This could allow an attacker to inject a new line and add a new header into the response. This is called HTTP response splitting. To fix, do not allow whitespace inside `header()`: '[^\s]+'.">    header('Content-Disposition: attachment; filename=&quot;'. $file_name);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.non-literal-header" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/base_controller.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/base_controller.php" line="364">

			<failure type="WARNING" message="Using user input when setting headers with `header()` is potentially dangerous. This could allow an attacker to inject a new line and add a new header into the response. This is called HTTP response splitting. To fix, do not allow whitespace inside `header()`: '[^\s]+'.">    header('Content-Length: ' . strlen($content));

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.non-literal-header" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/data_formatters.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/data_formatters.php" line="111">

			<failure type="WARNING" message="Using user input when setting headers with `header()` is potentially dangerous. This could allow an attacker to inject a new line and add a new header into the response. This is called HTTP response splitting. To fix, do not allow whitespace inside `header()`: '[^\s]+'.">          header('Content-Disposition: attachment; filename=&quot;' . $filename . '&quot;');

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.non-literal-header" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/data_formatters.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/data_formatters.php" line="162">

			<failure type="WARNING" message="Using user input when setting headers with `header()` is potentially dangerous. This could allow an attacker to inject a new line and add a new header into the response. This is called HTTP response splitting. To fix, do not allow whitespace inside `header()`: '[^\s]+'.">          header('Content-Disposition: attachment; filename=&quot;' . $filename . '&quot;');

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.non-literal-header" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/data_formatters.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/data_formatters.php" line="217">

			<failure type="WARNING" message="Using user input when setting headers with `header()` is potentially dangerous. This could allow an attacker to inject a new line and add a new header into the response. This is called HTTP response splitting. To fix, do not allow whitespace inside `header()`: '[^\s]+'.">          header('Content-Disposition: attachment; filename=&quot;' . $filename . '&quot;');

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.non-literal-header" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/mail/mail_controller.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/mail/mail_controller.php" line="63">

			<failure type="WARNING" message="Using user input when setting headers with `header()` is potentially dangerous. This could allow an attacker to inject a new line and add a new header into the response. This is called HTTP response splitting. To fix, do not allow whitespace inside `header()`: '[^\s]+'.">            header('Location: ' . $url, 302);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.non-literal-header" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utility.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utility.php" line="156">

			<failure type="WARNING" message="Using user input when setting headers with `header()` is potentially dangerous. This could allow an attacker to inject a new line and add a new header into the response. This is called HTTP response splitting. To fix, do not allow whitespace inside `header()`: '[^\s]+'.">      header('Content-Disposition: attachment; filename=&quot;'.basename($file).'&quot;');

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.non-literal-header" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utility.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utility.php" line="160">

			<failure type="WARNING" message="Using user input when setting headers with `header()` is potentially dangerous. This could allow an attacker to inject a new line and add a new header into the response. This is called HTTP response splitting. To fix, do not allow whitespace inside `header()`: '[^\s]+'.">      header('Content-Length: ' . filesize($file));

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.non-literal-header" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/ServiceConfig/openvpn_controller.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/ServiceConfig/openvpn_controller.php" line="224">

			<failure type="WARNING" message="Using user input when setting headers with `header()` is potentially dangerous. This could allow an attacker to inject a new line and add a new header into the response. This is called HTTP response splitting. To fix, do not allow whitespace inside `header()`: '[^\s]+'.">    header('Content-Disposition: attachment; filename=&quot;'. $common_name . '.ovpn&quot;');

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.non-literal-header" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/ServiceConfig/openvpn_controller.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/ServiceConfig/openvpn_controller.php" line="228">

			<failure type="WARNING" message="Using user input when setting headers with `header()` is potentially dangerous. This could allow an attacker to inject a new line and add a new header into the response. This is called HTTP response splitting. To fix, do not allow whitespace inside `header()`: '[^\s]+'.">    header('Content-Length: ' . strlen($client_config_str));

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.non-literal-header" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" line="893">

			<failure type="WARNING" message="Using user input when setting headers with `header()` is potentially dangerous. This could allow an attacker to inject a new line and add a new header into the response. This is called HTTP response splitting. To fix, do not allow whitespace inside `header()`: '[^\s]+'.">			header('Content-Disposition: attachment; filename=&quot;'.$export_filename.'.'.$_POST['export_type'].'&quot;');

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.non-literal-header" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" line="912">

			<failure type="WARNING" message="Using user input when setting headers with `header()` is potentially dangerous. This could allow an attacker to inject a new line and add a new header into the response. This is called HTTP response splitting. To fix, do not allow whitespace inside `header()`: '[^\s]+'.">			header('Content-Disposition: attachment; filename=&quot;'.$export_filename.'.'.$_POST['export_type'].'&quot;');

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.non-literal-header" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" line="958">

			<failure type="WARNING" message="Using user input when setting headers with `header()` is potentially dangerous. This could allow an attacker to inject a new line and add a new header into the response. This is called HTTP response splitting. To fix, do not allow whitespace inside `header()`: '[^\s]+'.">		header('Content-Disposition: attachment; filename=&quot;'.basename($_GET['download']).'&quot;');

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.non-literal-header" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" line="5737">

			<failure type="WARNING" message="Using user input when setting headers with `header()` is potentially dangerous. This could allow an attacker to inject a new line and add a new header into the response. This is called HTTP response splitting. To fix, do not allow whitespace inside `header()`: '[^\s]+'.">			header('Etag: ' . $etag);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.non-literal-header" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" line="5743">

			<failure type="WARNING" message="Using user input when setting headers with `header()` is potentially dangerous. This could allow an attacker to inject a new line and add a new header into the response. This is called HTTP response splitting. To fix, do not allow whitespace inside `header()`: '[^\s]+'.">			header('Content-type: ' . $res['mime']);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.unlink-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/firmware.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/firmware.php" line="69">

			<failure type="WARNING" message="Using user input when deleting files with `unlink()` is potentially dangerous. A malicious actor could use this to modify or access files they have no right to.">        unlink($path);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.unlink-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/mail/class.phpmailer.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/mail/class.phpmailer.php" line="2267">

			<failure type="WARNING" message="Using user input when deleting files with `unlink()` is potentially dangerous. A malicious actor could use this to modify or access files they have no right to.">                    @unlink($file);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.unlink-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/mail/class.phpmailer.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/mail/class.phpmailer.php" line="2269">

			<failure type="WARNING" message="Using user input when deleting files with `unlink()` is potentially dangerous. A malicious actor could use this to modify or access files they have no right to.">                    @unlink($signed);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.unlink-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/mail/class.phpmailer.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/mail/class.phpmailer.php" line="2275">

			<failure type="WARNING" message="Using user input when deleting files with `unlink()` is potentially dangerous. A malicious actor could use this to modify or access files they have no right to.">                    @unlink($file);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.unlink-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/mail/class.phpmailer.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/mail/class.phpmailer.php" line="2276">

			<failure type="WARNING" message="Using user input when deleting files with `unlink()` is potentially dangerous. A malicious actor could use this to modify or access files they have no right to.">                    @unlink($signed);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.unlink-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/migration.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/migration.php" line="82">

			<failure type="WARNING" message="Using user input when deleting files with `unlink()` is potentially dangerous. A malicious actor could use this to modify or access files they have no right to.">      unlink($flag_file);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.unlink-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utility.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utility.php" line="162">

			<failure type="WARNING" message="Using user input when deleting files with `unlink()` is potentially dangerous. A malicious actor could use this to modify or access files they have no right to.">      unlink($file);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.unlink-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utils.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utils.php" line="260">

			<failure type="WARNING" message="Using user input when deleting files with `unlink()` is potentially dangerous. A malicious actor could use this to modify or access files they have no right to.">        $path-&gt;isFile() ? unlink($path-&gt;getPathname()) : rmdir($path-&gt;getPathname());

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.unlink-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/dashboard/file_uploader.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/dashboard/file_uploader.php" line="75">

			<failure type="WARNING" message="Using user input when deleting files with `unlink()` is potentially dangerous. A malicious actor could use this to modify or access files they have no right to.">    unlink($targetFilePath);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.unlink-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/DataServiceConfig/file_manager.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/DataServiceConfig/file_manager.php" line="84">

			<failure type="WARNING" message="Using user input when deleting files with `unlink()` is potentially dangerous. A malicious actor could use this to modify or access files they have no right to.">    unlink($targetFilePath);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.unlink-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/LogoConfig/logo_utility.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/LogoConfig/logo_utility.php" line="42">

			<failure type="WARNING" message="Using user input when deleting files with `unlink()` is potentially dangerous. A malicious actor could use this to modify or access files they have no right to.">      unlink($logoFile);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.unlink-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/NetworkConfig/file_manager.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/plugins/NetworkConfig/file_manager.php" line="84">

			<failure type="WARNING" message="Using user input when deleting files with `unlink()` is potentially dangerous. A malicious actor could use this to modify or access files they have no right to.">    unlink($targetFilePath);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.unlink-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/scripts/deployment.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/scripts/deployment.php" line="46">

			<failure type="WARNING" message="Using user input when deleting files with `unlink()` is potentially dangerous. A malicious actor could use this to modify or access files they have no right to.">        unlink($path);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.unlink-use" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" line="836">

			<failure type="WARNING" message="Using user input when deleting files with `unlink()` is potentially dangerous. A malicious actor could use this to modify or access files they have no right to.">			unlink($dbpath);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.file-inclusion" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utils.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utils.php" line="144">

			<failure type="ERROR" message="Detected non-constant file inclusion. This can lead to local file inclusion (LFI) or remote file inclusion (RFI) if user input reaches this statement. LFI and RFI could lead to sensitive files being obtained by attackers. Instead, explicitly specify what to include. If that is not a viable solution, validate user input thoroughly.">      include_once(build_file_path($rootPath, 'cpt_site_config.php'));

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.file-inclusion" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utils.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utils.php" line="162">

			<failure type="ERROR" message="Detected non-constant file inclusion. This can lead to local file inclusion (LFI) or remote file inclusion (RFI) if user input reaches this statement. LFI and RFI could lead to sensitive files being obtained by attackers. Instead, explicitly specify what to include. If that is not a viable solution, validate user input thoroughly.">      include_once(build_file_path($rootPath, 'cpt_site_config.php'));

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.file-inclusion" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utils.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utils.php" line="981">

			<failure type="ERROR" message="Detected non-constant file inclusion. This can lead to local file inclusion (LFI) or remote file inclusion (RFI) if user input reaches this statement. LFI and RFI could lead to sensitive files being obtained by attackers. Instead, explicitly specify what to include. If that is not a viable solution, validate user input thoroughly.">        include_once(build_file_path($rootPath, 'cpt_site_config.php'));

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-filename" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/grdata.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/grdata.php" line="28">

			<failure type="WARNING" message="File name based on user input risks server-side request forgery.">    if (startsWith($realGrPath, realpath('.')) &amp;&amp; file_exists($grPath)) {

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-filename" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/grdata.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/grdata.php" line="39">

			<failure type="WARNING" message="File name based on user input risks server-side request forgery.">              $response['data'] = file_get_contents($grPath);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-filename" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/mail/mail_controller.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/mail/mail_controller.php" line="204">

			<failure type="WARNING" message="File name based on user input risks server-side request forgery.">          if (!file_exists($path)) {

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-filename" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/note_controller.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/note_controller.php" line="26">

			<failure type="WARNING" message="File name based on user input risks server-side request forgery.">    if (!file_exists($full_path) || !startsWith(realpath($full_path), cptBaseDir()))

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-filename" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/note_controller.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/note_controller.php" line="29">

			<failure type="WARNING" message="File name based on user input risks server-side request forgery.">    $content = file_get_contents($full_path);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-filename" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utility.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utility.php" line="153">

			<failure type="WARNING" message="File name based on user input risks server-side request forgery.">    if (file_exists($file)) {

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-filename" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utility.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utility.php" line="160">

			<failure type="WARNING" message="File name based on user input risks server-side request forgery.">      header('Content-Length: ' . filesize($file));

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-filename" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utility.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utility.php" line="161">

			<failure type="WARNING" message="File name based on user input risks server-side request forgery.">      readfile($file);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-filename" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utility.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utility.php" line="162">

			<failure type="WARNING" message="File name based on user input risks server-side request forgery.">      unlink($file);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-filename" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utils.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utils.php" line="142">

			<failure type="WARNING" message="File name based on user input risks server-side request forgery.">    if (file_exists(build_file_path($rootPath, 'cpt_site_config.php')))

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-filename" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utils.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utils.php" line="160">

			<failure type="WARNING" message="File name based on user input risks server-side request forgery.">    if (file_exists(build_file_path($rootPath, 'cpt_site_config.php')))

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-filename" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utils.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utils.php" line="979">

			<failure type="WARNING" message="File name based on user input risks server-side request forgery.">      if (file_exists(build_file_path($rootPath, 'cpt_site_config.php')))

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-filename" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utils.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utils.php" line="1107">

			<failure type="WARNING" message="File name based on user input risks server-side request forgery.">    if (!file_exists($indexLegacyPath) &amp;&amp; file_exists($indexPath))

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-filename" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utils.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utils.php" line="1107">

			<failure type="WARNING" message="File name based on user input risks server-side request forgery.">    if (!file_exists($indexLegacyPath) &amp;&amp; file_exists($indexPath))

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-filename" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utils.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/utils.php" line="1112">

			<failure type="WARNING" message="File name based on user input risks server-side request forgery.">    if (file_exists($indexLegacyPath))

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-filename" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" line="744">

			<failure type="WARNING" message="File name based on user input risks server-side request forgery.">				if(is_file($dbname) || is_dir($dbname)) $dbexists = true;

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-filename" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" line="744">

			<failure type="WARNING" message="File name based on user input risks server-side request forgery.">				if(is_file($dbname) || is_dir($dbname)) $dbexists = true;

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-filename" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" line="836">

			<failure type="WARNING" message="File name based on user input risks server-side request forgery.">			unlink($dbpath);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-filename" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" line="880">

			<failure type="WARNING" message="File name based on user input risks server-side request forgery.">			if(is_file($newpath) || is_dir($newpath)) $dbexists = true;

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-filename" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" line="880">

			<failure type="WARNING" message="File name based on user input risks server-side request forgery.">			if(is_file($newpath) || is_dir($newpath)) $dbexists = true;

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-filename" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" line="961">

			<failure type="WARNING" message="File name based on user input risks server-side request forgery.">		readfile($_GET['download']);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-sql-string" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/account_management.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/account_management.php" line="80">

			<failure type="ERROR" message="User data flows into this manually-constructed SQL string. User data can be safely inserted into SQL strings using prepared statements or an object-relational mapper (ORM). Manually-constructed SQL strings is a possible indicator of SQL injection, which could let an attacker steal or manipulate data from the database. Instead, use prepared statements (`$mysqli-&gt;prepare(&quot;INSERT INTO test(id, label) VALUES (?, ?)&quot;);`) or a safe library.">      $error = sprintf(L(&quot;Failed to create account, maybe name '%s' is taken&quot;), $name);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-sql-string" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/dashboard.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/dashboard.php" line="132">

			<failure type="ERROR" message="User data flows into this manually-constructed SQL string. User data can be safely inserted into SQL strings using prepared statements or an object-relational mapper (ORM). Manually-constructed SQL strings is a possible indicator of SQL injection, which could let an attacker steal or manipulate data from the database. Instead, use prepared statements (`$mysqli-&gt;prepare(&quot;INSERT INTO test(id, label) VALUES (?, ?)&quot;);`) or a safe library.">      $error = sprintf(L(&quot;failed to update layout for dashboard(#%s)&quot;), $id);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-sql-string" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/data_exporter.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/data_exporter.php" line="247">

			<failure type="ERROR" message="User data flows into this manually-constructed SQL string. User data can be safely inserted into SQL strings using prepared statements or an object-relational mapper (ORM). Manually-constructed SQL strings is a possible indicator of SQL injection, which could let an attacker steal or manipulate data from the database. Instead, use prepared statements (`$mysqli-&gt;prepare(&quot;INSERT INTO test(id, label) VALUES (?, ?)&quot;);`) or a safe library.">      $query = &quot;SELECT {$columns} FROM {$table}&quot;

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-sql-string" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/data_exporter.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/app/data_exporter.php" line="261">

			<failure type="ERROR" message="User data flows into this manually-constructed SQL string. User data can be safely inserted into SQL strings using prepared statements or an object-relational mapper (ORM). Manually-constructed SQL strings is a possible indicator of SQL injection, which could let an attacker steal or manipulate data from the database. Instead, use prepared statements (`$mysqli-&gt;prepare(&quot;INSERT INTO test(id, label) VALUES (?, ?)&quot;);`) or a safe library.">        $query = 'SELECT * FROM ( ' . $query . ') ORDER BY dt ASC;';

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-sql-string" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/dashboard/index.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/cpt/dashboard/index.php" line="230">

			<failure type="ERROR" message="User data flows into this manually-constructed SQL string. User data can be safely inserted into SQL strings using prepared statements or an object-relational mapper (ORM). Manually-constructed SQL strings is a possible indicator of SQL injection, which could let an attacker steal or manipulate data from the database. Instead, use prepared statements (`$mysqli-&gt;prepare(&quot;INSERT INTO test(id, label) VALUES (?, ?)&quot;);`) or a safe library.">      $error = sprintf(L(&quot;failed to update layout for dashboard(#%s)&quot;), $id);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-sql-string" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" line="1176">

			<failure type="ERROR" message="User data flows into this manually-constructed SQL string. User data can be safely inserted into SQL strings using prepared statements or an object-relational mapper (ORM). Manually-constructed SQL strings is a possible indicator of SQL injection, which could let an attacker steal or manipulate data from the database. Instead, use prepared statements (`$mysqli-&gt;prepare(&quot;INSERT INTO test(id, label) VALUES (?, ?)&quot;);`) or a safe library.">			$query = &quot;CREATE TABLE &quot;.$db-&gt;quote($name).&quot; (&quot;

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-sql-string" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" line="1231">

			<failure type="ERROR" message="User data flows into this manually-constructed SQL string. User data can be safely inserted into SQL strings using prepared statements or an object-relational mapper (ORM). Manually-constructed SQL strings is a possible indicator of SQL injection, which could let an attacker steal or manipulate data from the database. Instead, use prepared statements (`$mysqli-&gt;prepare(&quot;INSERT INTO test(id, label) VALUES (?, ?)&quot;);`) or a safe library.">			$query = &quot;DELETE FROM &quot;.$db-&gt;quote_id($_POST['tablename']);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-sql-string" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" line="1245">

			<failure type="ERROR" message="User data flows into this manually-constructed SQL string. User data can be safely inserted into SQL strings using prepared statements or an object-relational mapper (ORM). Manually-constructed SQL strings is a possible indicator of SQL injection, which could let an attacker steal or manipulate data from the database. Instead, use prepared statements (`$mysqli-&gt;prepare(&quot;INSERT INTO test(id, label) VALUES (?, ?)&quot;);`) or a safe library.">			$query = &quot;CREATE VIEW &quot;.$db-&gt;quote($_POST['viewname']).&quot; AS &quot;.$_POST['select'];

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-sql-string" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" line="1255">

			<failure type="ERROR" message="User data flows into this manually-constructed SQL string. User data can be safely inserted into SQL strings using prepared statements or an object-relational mapper (ORM). Manually-constructed SQL strings is a possible indicator of SQL injection, which could let an attacker steal or manipulate data from the database. Instead, use prepared statements (`$mysqli-&gt;prepare(&quot;INSERT INTO test(id, label) VALUES (?, ?)&quot;);`) or a safe library.">			$query = &quot;DROP TABLE &quot;.$db-&gt;quote_id($_POST['tablename']);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-sql-string" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" line="1265">

			<failure type="ERROR" message="User data flows into this manually-constructed SQL string. User data can be safely inserted into SQL strings using prepared statements or an object-relational mapper (ORM). Manually-constructed SQL strings is a possible indicator of SQL injection, which could let an attacker steal or manipulate data from the database. Instead, use prepared statements (`$mysqli-&gt;prepare(&quot;INSERT INTO test(id, label) VALUES (?, ?)&quot;);`) or a safe library.">			$query = &quot;DROP VIEW &quot;.$db-&gt;quote_id($_POST['viewname']);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-sql-string" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" line="1275">

			<failure type="ERROR" message="User data flows into this manually-constructed SQL string. User data can be safely inserted into SQL strings using prepared statements or an object-relational mapper (ORM). Manually-constructed SQL strings is a possible indicator of SQL injection, which could let an attacker steal or manipulate data from the database. Instead, use prepared statements (`$mysqli-&gt;prepare(&quot;INSERT INTO test(id, label) VALUES (?, ?)&quot;);`) or a safe library.">			$query = &quot;ALTER TABLE &quot;.$db-&gt;quote_id($_POST['oldname']).&quot; RENAME TO &quot;.$db-&gt;quote($_POST['newname']);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-sql-string" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" line="1340">

			<failure type="ERROR" message="User data flows into this manually-constructed SQL string. User data can be safely inserted into SQL strings using prepared statements or an object-relational mapper (ORM). Manually-constructed SQL strings is a possible indicator of SQL injection, which could let an attacker steal or manipulate data from the database. Instead, use prepared statements (`$mysqli-&gt;prepare(&quot;INSERT INTO test(id, label) VALUES (?, ?)&quot;);`) or a safe library.">					$query = &quot;INSERT INTO &quot;.$db-&gt;quote_id($target_table);

</failure>

		</testcase>

		<testcase name="external.semgrep-rules.php.lang.security.injection.tainted-sql-string" classname="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" file="/logs/firmware/unblob_extracted/firmware_extract/1568982-13971496.squashfs_v4_le_extract/www/public/sdcard/phpliteadmin.php" line="1365">

			<failure type="ERROR" message="User data flows into this manually-constructed SQL string. User data can be safely inserted into SQL strings using prepared statements or an object-relational mapper (ORM). Manually-constructed SQL strings is a possible indicator of SQL injection, which could let an attacker steal or manipulate data from the database. Instead, use prepared statements (`$mysqli-&gt;prepare(&quot;INSERT INTO test(id, label) VALUES (?, ?)&quot;);`) or a safe library.">			$query = &quot;DELETE FROM &quot;.$db-&gt;quote_id($target_table).&quot; WHERE (&quot;.$db-&gt;wherePK($target_table,json_decode($pks[0])).&quot;)&quot;

</failure>

		</testcase>

	</testsuite>

</testsuites>

┌──────────────┐

│ Scan Summary │

└──────────────┘

Some files were skipped or only partially analyzed.

  Partially scanned: 4 files only partially analyzed due to parsing or internal Semgrep errors

  Scan skipped: 12 files larger than 1.0 MB, 37 files matching .semgrepignore patterns

  For a full list of skipped files, run semgrep with the --verbose flag.

Ran 57 rules on 98 files: 133 findings.