Metrics:
Total lines of code: 13474
Total lines skipped (#nosec): 45

hardcoded_tmp_directory: Probable insecure usage of temp file/directory.
Test ID: B108
Severity: MEDIUM
Confidence: MEDIUM
CWE: CWE-377
File: plugin/controllers/AT.py
Line number: 76
More info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
75				os.remove(ATFN)
76			checkfile = '/tmp/.autotimeredit'
77			f = os.open(checkfile, os.O_WRONLY | os.O_CREAT)
start_process_with_a_shell: Starting a process with a shell, possible injection detected, security issue.
Test ID: B605
Severity: HIGH
Confidence: HIGH
CWE: CWE-78
File: plugin/controllers/AT.py
Line number: 89
More info: https://bandit.readthedocs.io/en/1.8.6/plugins/b605_start_process_with_a_shell.html
88					tarFiles += "%s " % arg
89				lines = os.popen("tar cvf %s %s" % (ATFN, tarFiles)).readlines()
90				os.remove(checkfile)
start_process_with_a_shell: Starting a process with a shell, possible injection detected, security issue.
Test ID: B605
Severity: HIGH
Confidence: HIGH
CWE: CWE-78
File: plugin/controllers/AT.py
Line number: 113
More info: https://bandit.readthedocs.io/en/1.8.6/plugins/b605_start_process_with_a_shell.html
112				check_tar = False
113				lines = os.popen('tar -tf %s' % ATFN).readlines()
114				for line in lines:
start_process_with_a_shell: Starting a process with a shell, possible injection detected, security issue.
Test ID: B605
Severity: HIGH
Confidence: HIGH
CWE: CWE-78
File: plugin/controllers/AT.py
Line number: 120
More info: https://bandit.readthedocs.io/en/1.8.6/plugins/b605_start_process_with_a_shell.html
119				if check_tar:
120					lines = os.popen('tar xvf %s -C /' % ATFN).readlines()
121
try_except_pass: Try, Except, Pass detected.
Test ID: B110
Severity: LOW
Confidence: HIGH
CWE: CWE-703
File: plugin/controllers/AT.py
Line number: 128
More info: https://bandit.readthedocs.io/en/1.8.6/plugins/b110_try_except_pass.html
127							autotimer.readXml()
128						except Exception:
129							# TODO: proper error handling
130							pass
131
hardcoded_password_string: Possible hardcoded password: ''
Test ID: B105
Severity: LOW
Confidence: MEDIUM
CWE: CWE-259
File: plugin/controllers/NET.py
Line number: 187
More info: https://bandit.readthedocs.io/en/1.8.6/plugins/b105_hardcoded_password_string.html
186			if password is None:
187				password = ""
188
hardcoded_tmp_directory: Probable insecure usage of temp file/directory.
Test ID: B108
Severity: MEDIUM
Confidence: MEDIUM
CWE: CWE-377
File: plugin/controllers/base.py
Line number: 282
More info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
281			variant = "oscam"
282			for file in ["/tmp/.ncam/ncam.version", "/tmp/.oscam/oscam.version"]:
283				if fileExists(file):  # nosec
hardcoded_tmp_directory: Probable insecure usage of temp file/directory.
Test ID: B108
Severity: MEDIUM
Confidence: MEDIUM
CWE: CWE-377
File: plugin/controllers/base.py
Line number: 282
More info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
281			variant = "oscam"
282			for file in ["/tmp/.ncam/ncam.version", "/tmp/.oscam/oscam.version"]:
283				if fileExists(file):  # nosec
try_except_pass: Try, Except, Pass detected.
Test ID: B110
Severity: LOW
Confidence: HIGH
CWE: CWE-703
File: plugin/controllers/epgevent.py
Line number: 175
More info: https://bandit.readthedocs.io/en/1.8.6/plugins/b110_try_except_pass.html
174				debug("[[[   convertRating(%s) age=%s country=%s  ]]]" % (val, age, country), "EPGEvent")
175			except Exception as err:
176				pass
177				#error(err, "EPGEvent")
hardcoded_tmp_directory: Probable insecure usage of temp file/directory.
Test ID: B108
Severity: MEDIUM
Confidence: MEDIUM
CWE: CWE-377
File: plugin/controllers/ipkg.py
Line number: 93
More info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
92			try:
93				for line in open("/tmp/opkg.tmp", 'r'):
94					if line.startswith('Package:'):
hardcoded_tmp_directory: Probable insecure usage of temp file/directory.
Test ID: B108
Severity: MEDIUM
Confidence: MEDIUM
CWE: CWE-377
File: plugin/controllers/ipkg.py
Line number: 217
More info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
216					try:
217						data = open("/tmp/opkg.tmp", 'r').read()
218						self.request.write(six.ensure_binary(data))
try_except_pass: Try, Except, Pass detected.
Test ID: B110
Severity: LOW
Confidence: HIGH
CWE: CWE-703
File: plugin/controllers/models/OWFMovieList.py
Line number: 47
More info: https://bandit.readthedocs.io/en/1.8.6/plugins/b110_try_except_pass.html
46					return serviceref.getPath()
47			except:
48				pass
49			return 0
try_except_pass: Try, Except, Pass detected.
Test ID: B110
Severity: LOW
Confidence: HIGH
CWE: CWE-703
File: plugin/controllers/models/config.py
Line number: 242
More info: https://bandit.readthedocs.io/en/1.8.6/plugins/b110_try_except_pass.html
241					})
242				except Exception:
243					pass
244		return {
blacklist: Use of possibly insecure function - consider using safer ast.literal_eval.
Test ID: B307
Severity: MEDIUM
Confidence: HIGH
CWE: CWE-78
File: plugin/controllers/models/config.py
Line number: 331
More info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b307-eval
330						try:
331							result = eval(require)
332							result = bool(result.value and str(result.value).lower() not in ("0", "disable", "false", "no", "off"))
blacklist: Use of possibly insecure function - consider using safer ast.literal_eval.
Test ID: B307
Severity: MEDIUM
Confidence: HIGH
CWE: CWE-78
File: plugin/controllers/models/config.py
Line number: 342
More info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_calls.html#b307-eval
341				try:
342					if not bool(eval(conditional)):
343						return False
hardcoded_tmp_directory: Probable insecure usage of temp file/directory.
Test ID: B108
Severity: MEDIUM
Confidence: MEDIUM
CWE: CWE-377
File: plugin/controllers/models/grab.py
Line number: 72
More info: https://bandit.readthedocs.io/en/1.8.6/plugins/b108_hardcoded_tmp_directory.html
71	
72			self.filepath = "/tmp/screenshot." + fileformat
73			self.container = eConsoleAppContainer()
start_process_with_a_shell: Starting a process with a shell, possible injection detected, security issue.
Test ID: B605
Severity: HIGH
Confidence: HIGH
CWE: CWE-78
File: plugin/controllers/models/info.py
Line number: 109
More info: https://bandit.readthedocs.io/en/1.8.6/plugins/b605_start_process_with_a_shell.html
108				try:
109					speed = os.popen('iwlist ' + iface + ' bitrate | grep "Bit Rate"').read().split(':')[1].split(' ')[0]
110				except:  # nosec # noqa: E722
hashlib: Use of weak SHA1 hash for security. Consider usedforsecurity=False
Test ID: B324
Severity: HIGH
Confidence: HIGH
CWE: CWE-327
File: plugin/controllers/models/owibranding.py
Line number: 83
More info: https://bandit.readthedocs.io/en/1.8.6/plugins/b324_hashlib.html
82		dest = rsa_pub1024(src[:128], mod)
83		hash = hashlib.sha1(dest[1:107])
84		if len(src) == 202:
try_except_pass: Try, Except, Pass detected.
Test ID: B110
Severity: LOW
Confidence: HIGH
CWE: CWE-703
File: plugin/controllers/models/stream.py
Line number: 112
More info: https://bandit.readthedocs.io/en/1.8.6/plugins/b110_try_except_pass.html
111					args = args.replace('__', urlparam)
112				except Exception:
113					pass
114
try_except_pass: Try, Except, Pass detected.
Test ID: B110
Severity: LOW
Confidence: HIGH
CWE: CWE-703
File: plugin/controllers/models/stream.py
Line number: 218
More info: https://bandit.readthedocs.io/en/1.8.6/plugins/b110_try_except_pass.html
217						args = args.replace('__', urlparam)
218					except Exception:
219						pass
220				# Add position parameter to m3u link
try_except_pass: Try, Except, Pass detected.
Test ID: B110
Severity: LOW
Confidence: HIGH
CWE: CWE-703
File: plugin/controllers/models/timers.py
Line number: 96
More info: https://bandit.readthedocs.io/en/1.8.6/plugins/b110_try_except_pass.html
95				filename = timer.Filename
96			except Exception:
97				pass
98
try_except_pass: Try, Except, Pass detected.
Test ID: B110
Severity: LOW
Confidence: HIGH
CWE: CWE-703
File: plugin/controllers/models/timers.py
Line number: 101
More info: https://bandit.readthedocs.io/en/1.8.6/plugins/b110_try_except_pass.html
100				nextactivation = timer.next_activation
101			except Exception:
102				pass
103
try_except_pass: Try, Except, Pass detected.
Test ID: B110
Severity: LOW
Confidence: HIGH
CWE: CWE-703
File: plugin/controllers/web.py
Line number: 2367
More info: https://bandit.readthedocs.io/en/1.8.6/plugins/b110_try_except_pass.html
2366						return {'configs': resultcfgs}
2367				except Exception:
2368					# TODO show exception
2369					pass
2370			return {}
try_except_pass: Try, Except, Pass detected.
Test ID: B110
Severity: LOW
Confidence: HIGH
CWE: CWE-703
File: plugin/controllers/web.py
Line number: 2381
More info: https://bandit.readthedocs.io/en/1.8.6/plugins/b110_try_except_pass.html
2380					comp_config.OpenWebif.webcache.moviedb.save()
2381				except Exception:
2382					pass
2383			elif b"showpicons" in list(request.args.keys()):
try_except_pass: Try, Except, Pass detected.
Test ID: B110
Severity: LOW
Confidence: HIGH
CWE: CWE-703
File: plugin/controllers/web.py
Line number: 2411
More info: https://bandit.readthedocs.io/en/1.8.6/plugins/b110_try_except_pass.html
2410					comp_config.OpenWebif.webcache.smallremote.save()
2411				except Exception:
2412					pass
2413			elif b"theme" in list(request.args.keys()):
try_except_pass: Try, Except, Pass detected.
Test ID: B110
Severity: LOW
Confidence: HIGH
CWE: CWE-703
File: plugin/controllers/web.py
Line number: 2417
More info: https://bandit.readthedocs.io/en/1.8.6/plugins/b110_try_except_pass.html
2416					comp_config.OpenWebif.webcache.theme.save()
2417				except Exception:
2418					pass
2419			elif b"mepgmode" in list(request.args.keys()):