If you like BoxMatrix then please contribute Supportdata, Supportdata2, Firmware and/or Hardware (get in touch).
My metamonk@yahoo.com is not reachable by me since september. Please use hippie2000@webnmail.de instead.

0
U

Property:webcm

From BoxMatrix


BoxMatrix >> Shell-Commands >> webcm @ BoxMatrix   -   IRC-Chat   -   Translate: de es fr it nl pl
News Selectors Models Accessories Components Environment Config Commands System Webif Software Develop Lexicon Community Project Gallery

Startup-Scr Hotplug-Scr BusyBox-Cmds Bash-Cmds AVM-Cmds Chipset-Cmds Linux-Cmds Shared-Libs Kernel-Mods Research

AVM-Command

Goto:   Exploit  -  Source  -  Dependencies   -   Model-Matrix   -   Symbols   -   SMW-Browser

Details

For a long time the complete Webinterface was implemented through the CGI executable webcm.
It is one of the oldest executables in FRITZ!OS since it comes from the Texas Instruments AR7RD SDK.

For recent firmware webcm is not used any more. Symlinks still exist but the executable was removed.
See the Size column of the Model-Matrix. A Link always existed, but new models just have a Link and no executable.

Exploit

In early February 2014 a major webcm bug was discovered and exploited, which rendered numerous firmwares vulnerable.
AVM fixed them all, even for old models. See the list of german models and international models which were fixed.

All models with CONFIG_MULTI_LANGUAGE = "y" were affected, regardless of being german or international models.

There is a good analysis of the webcm exploit: part1, part2.

Source

The names of source files compiled into an executable often help to understand function blocks (and show gaps in the docs).
fw 4.71 source files:

$ strings / | grep -e '\.c$' -e '\.cpp$'

main.c
cgi.c
post.c
referrer_check.c
query_cache_simple.c
interpreter_link.c

Weblinks

Dependencies

Daily updated index of all dependencies of this command. Last update: 2023-02-07 07:21 GMT.
A * in the Mod column marks info from Supportdata-Probes, which will always stay incomplete.

Relation Typ Object Mod Firmware Info Origin
Serving sock me_webcm($num).ctl 1* 5.09 TODO AVM
Depends on lib ld.so 1 7.08 Dynamic linker / loader Linux
Depends on lib libar7cfg.so 14 1.133 - 7.27 TFFS-Configuration API to ar7.cfg and many more. AVM
Depends on lib libavmauth.so 4 6.98 - 7.27 Fritzbox authentification helpers AVM
Depends on lib libavmcipher.so 14 3.23 - 7.27 AES / DES / Rijndael encryption / decryption. AVM
Depends on lib libavmcsock.so 100 1.120 - 7.27 Networking, I/O and helper functions AVM
Depends on lib libavmhmac.so 80 3.23 - 7.27 HMAC / SHA / MD5 hashing. AVM
Depends on lib libboxlib.so 100 1.120 - 7.27 Box status, logging and statistics functions AVM
Depends on lib libc.so 100 1.63 - 7.27 Standard C library Linux
Depends on lib libcm.so 100 1.63 - 7.27 ctlmgr / cm_logic messaging API Linux
Depends on lib libcmexpat.so 2 1.63 - 2.76 Stream-oriented XML parser (subset) Linux
Depends on lib libcrypto.so 4 6.98 - 7.27 OpenSSL general crypto and X.509 library Linux
Depends on lib libdl.so 97 1.120 - 7.08 Dynamic linking library Linux
Depends on lib libdputil.so 5 6.35 - 7.27 DataPipe / packet utilities AVM
Depends on lib libewnwlinux.so 87 4 - 7.27 Linux networking functions AVM
Depends on lib libewnwnet.so 59 4.74 - 7.27 Internet helper functions AVM
Depends on lib libgcc_s.so 74 4 - 6.30 GCC low-level runtime library Linux
Depends on lib libjuisclient.so 4 6.98 - 7.27 Update-Search - second generation - JUIS AVM
Depends on lib libpthread.so 97 1.120 - 7.08 POSIX threading library Linux
Depends on lib librt.so 2 6.35 - 7.08 POSIX realtime extensions library Linux
Depends on lib libslab.so 54 3.45 - 5.09 Slab allocator or empty dummy library Linux
Depends on lib libsvctl.so 3 7.19 - 7.27 supervisor notification library AVM
Depends on lib libtiinterpreter.so 77 4.52 - 7.27 Preprocessor for SSI-Files by TI. AVM
Depends on lib libwdt.so 100 1.120 - 7.27 AVM-Watchdogs management API AVM
Depends on lib libwebsrv.so 5 6.35 - 7.27 HTTP / HTTPS webserver and tools. AVM
Depends on lib libz.so 4 6.98 - 7.27 Zlib compressor / decompressor Linux
26 dependencies for this command

Model-Matrix

Daily updated index of the presence, path and size of this command for each model. Last update: 2023-02-07 05:56 GMT.
Showing all models using this command. Click any column header (click-wait-click) to sort the list by the respective data.
The (main/scrpn/boot/arm/prx/atom) label in the Model column shows which CPU is meant for models with multiple Linux instances.
Note that this list is merged from Firmware-Probes of all known AVM firmware for a model, including Recovery.exe and Labor-Files.

Model Firmware Path Size
FRITZ!Box 2.76 - 4.02 /usr/www/cgi-bin, <long> 31.1k - 35.2k, Link
FRITZ!Box SL 1.63 - 3.94 /usr/www/cgi-bin, <long> 31.1k - 33.7k, Link
FRITZ!Box 2030 3.73 - 3.93 /usr/www/cgi-bin, <long> 31.2k, Link
FRITZ!Box 2031 4.15 /usr/www/cgi-bin, <long> 35.3k, Link
FRITZ!Box 2070 3.87 - 4.15 /usr/www/cgi-bin, <long> 31.2k - 35.3k, Link
FRITZ!Box 2110 4.47 - 4.52 /usr/www/cgi-bin, <long> 35.6k, Link
FRITZ!Box 2170 4.31 - 4.57 /usr/www/cgi-bin, <long> 23.0k - 35.6k, Link
FRITZ!Box SL WLAN 3.23 - 4.34 /usr/www/cgi-bin, <long> 31.1k - 35.6k, Link
FRITZ!Box WLAN 3020 3.23 - 4.34 /usr/www/cgi-bin, <long> 31.1k - 35.6k, Link
FRITZ!Box WLAN 3030 3.65 - 4.34 /usr/www/cgi-bin, <long> 31.2k - 35.6k, Link
FRITZ!Box WLAN 3050 3.63 - 4.07 /usr/www/cgi-bin, <long> 31.2k - 35.3k, Link
FRITZ!Box WLAN 3070 3.87 - 4.15 /usr/www/cgi-bin, <long> 31.2k - 35.3k, Link
FRITZ!Box WLAN 3130 4.21 - 4.34 /usr/www/cgi-bin, <long> 35.3k - 35.6k, Link
FRITZ!Box WLAN 3131 4.29 - 4.57 /usr/www/cgi-bin, <long> 23.0k - 35.6k, Link
FRITZ!Box WLAN 3170 4.31 - 4.58 /usr/www/cgi-bin, <long> 23.0k - 35.6k, Link
FRITZ!Box WLAN 3270 4.57 - 5.54 /usr/www/cgi-bin, <long> 21.4k - 29.7k, Link
FRITZ!Box WLAN 3270 v3 4.77 - 5.54 /usr/www/cgi-bin, <long> 24.2k - 29.7k, Link
FRITZ!Box WLAN 3270 IT 5.23 - 5.52 /usr/www/cgi-bin, <long> 24.3k - 27.1k, Link
FRITZ!Box 3272 5.50 - 6.88 /usr/www/cgi-bin, <long> 23.8k - 24.3k, Link
FRITZ!Box WLAN 3370 5.01 - 6.55 /usr/www/cgi-bin, <long> 23.8k - 27.2k, Link
FRITZ!Box 3390 5.50 - 6.55 /usr/www/cgi-bin, <long> 23.8k - 24.6k, Link
FRITZ!Box 3490 (main) 6.20 - 7.30 /usr/www/cgi-bin, <long> 24.2k, Link
FRITZ!Box Fon ata 3.23 - 4.28 /usr/www/cgi-bin, <long> 31.1k - 35.3k, Link
FRITZ!Box Fon ata 1020 3.23 - 4.28 /usr/www/cgi-bin, <long> 31.1k - 35.3k, Link
FRITZ!Box 4020 6.27 - 7.02 /usr/www/cgi-bin, <long> 23.7k, Link
FRITZ!Box 4040 6.50 - 7.39 <long> Link
FRITZ!Box 4060 7.26 - 7.39 <long> Link
FRITZ!Box Fon 1.120 - 4.49 /usr/www/cgi-bin, <long> 31.1k - 38.3k, Link
FRITZ!Box Fon 5010 3.88 - 4.43 /usr/www/cgi-bin, <long> 31.2k - 35.6k, Link
FRITZ!Box Fon 5012 3.88 - 4.27 /usr/www/cgi-bin, <long> 31.2k - 35.3k, Link
FRITZ!Box Fon 5050 3.23 - 4.31 /usr/www/cgi-bin, <long> 31.1k - 35.3k, Link
FRITZ!Box Fon 5113 4.82 - 4.83 /usr/www/cgi-bin, <long> 29.8k - 30.3k, Link
FRITZ!Box Fon 5124 4.47 - 4.77 /usr/www/cgi-bin, <long> 26.1k - 35.6k, Link
FRITZ!Box Fon 5140 4.25 - 4.67 /usr/www/cgi-bin, <long> 23.0k - 35.6k, Link
VoIP Gateway 5188 4.28 - 4.81 /usr/www/cgi-bin, <long> 23.0k - 35.6k, Link
FRITZ!Box 5490 (main) 6.51 - 7.29 <long> Link
FRITZ!Box 5491 (main) 7.01 - 7.29 <long> Link
FRITZ!Box 5530 Fiber (main) 7.21 - 7.30 <long> Link
FRITZ!Box 5590 Fiber (arm) 7.27 - 7.39 <long> Link
FRITZ!Box 6320 Cable v1 6.03 - 6.04 /usr/www/cgi-bin, <long> 18.8k, Link
FRITZ!Box 6320 Cable v2 6.21 /usr/www/cgi-bin, <long> 18.9k, Link
FRITZ!Box 6340 Cable 5.24 /usr/www/cgi-bin, <long> 20.6k, Link
FRITZ!Box 6360 Cable 4.85 - 6.51 /usr/www/cgi-bin, <long> 18.8k - 23.8k, Link
FRITZ!Box 6430 Cable (arm) 6.84 - 7.29 <long> Link
FRITZ!Box 6430 Cable (atom) 6.84 - 7.29 <long> Link
FRITZ!Box 6490 Cable (arm) 6.20 - 7.39 /usr/www/cgi-bin, <long> 18.8k, Link
FRITZ!Box 6490 Cable (atom) 6.20 - 7.39 <long> Link
FRITZ!Box 6590 Cable (arm) 6.83 - 7.39 <long> Link
FRITZ!Box 6590 Cable (atom) 6.83 - 7.39 <long> Link
FRITZ!Box 6591 Cable (arm) 7.04 - 7.39 <long> Link
FRITZ!Box 6591 Cable (atom) 7.04 - 7.39 <long> Link
FRITZ!Box 6660 Cable (arm) 7.14 - 7.39 <long> Link
FRITZ!Box 6660 Cable (atom) 7.14 - 7.39 <long> Link
FRITZ!Box 6690 Cable (arm) 7.28 - 7.50 <long> Link
FRITZ!Box 6690 Cable (atom) 7.28 - 7.50 <long> Link
FRITZ!Box 6810 LTE 5.27 - 6.34 /usr/www/cgi-bin, <long> 23.8k - 27.0k, Link
FRITZ!Box 6820 LTE v1 6.40 - 7.29 <long> Link
FRITZ!Box 6820 LTE v2 6.40 - 7.29 <long> Link
FRITZ!Box 6820 LTE v3 7.19 - 7.29 <long> Link
FRITZ!Box 6840 LTE 5.07 - 6.87 /usr/www/cgi-bin, <long> 23.8k - 27.1k, Link
FRITZ!Box 6842 LTE 6.01 - 6.34 /usr/www/cgi-bin, <long> 23.8k - 24.3k, Link
FRITZ!Box 6850 LTE 7.21 - 7.39 <long> Link
FRITZ!Box 6850 5G 7.24 - 7.39 <long> Link
FRITZ!Box 6890 LTE 6.84 - 7.39 <long> Link
FRITZ!Box 6890 LTE v1 6.84 - 7.39 <long> Link
FRITZ!Box 6890 LTE v2 6.84 - 7.39 <long> Link
FRITZ!Box Fon WLAN 3.14 - 4.49 /usr/www/cgi-bin, <long> 31.1k - 38.3k, Link
FRITZ!Box Fon WLAN 7050 3.29 - 4.50 /usr/www/cgi-bin, <long> 31.1k - 35.6k, Link
FRITZ!Box Fon WLAN 7112 4.76 - 4.88 /usr/www/cgi-bin, <long> 28.0k - 29.7k, Link
FRITZ!Box Fon WLAN 7113 4.40 - 4.86 /usr/www/cgi-bin, <long> 23.0k - 35.6k, Link
FRITZ!Box Fon WLAN 7113 DE 4.40 - 4.77 /usr/www/cgi-bin, <long> 23.0k - 35.6k, Link
FRITZ!Box Fon WLAN 7113 INT 4.82 - 4.86 /usr/www/cgi-bin, <long> 29.8k - 30.3k, Link
FRITZ!Box Fon WLAN 7140 4.02 - 4.77 /usr/www/cgi-bin, <long> 23.0k - 35.6k, Link
FRITZ!Box Fon WLAN 7141 4.14 - 4.77 /usr/www/cgi-bin, <long> 23.0k - 67.1k, Link
FRITZ!Fon 7150 4.27 - 4.77 /usr/www/cgi-bin, <long> 23.0k - 35.6k, Link
FRITZ!Box Fon WLAN 7170 3.91 - 4.99 /usr/www/cgi-bin, <long> 21.8k - 35.6k, Link
FRITZ!Box Fon WLAN 7170 v1 3.91 - 4.99 /usr/www/cgi-bin, <long> 21.8k - 35.6k, Link
FRITZ!Box Fon WLAN 7170 v2 3.91 - 4.99 /usr/www/cgi-bin, <long> 21.8k - 35.6k, Link
FRITZ!Box Fon WLAN 7240 4.65 - 6.06 /usr/www/cgi-bin, <long> 23.9k - 31.8k, Link
FRITZ!Box Fon WLAN 7270 v1 4.44 - 4.99 /usr/www/cgi-bin, <long> 21.8k - 35.6k, Link
FRITZ!Box Fon WLAN 7270 v2 4.63 - 6.06 /usr/www/cgi-bin, <long> 23.9k - 32.5k, Link
FRITZ!Box Fon WLAN 7270 v3 4.70 - 6.06 /usr/www/cgi-bin, <long> 23.9k - 32.5k, Link
FRITZ!Box 7272 5.55 - 6.88 /usr/www/cgi-bin, <long> 23.8k - 24.3k, Link
FRITZ!Box 7312 5.23 - 6.55 /usr/www/cgi-bin, <long> 23.8k - 27.1k, Link
FRITZ!Box Fon WLAN 7320 4.85 - 6.34 /usr/www/cgi-bin, <long> 23.8k - 28.7k, Link
FRITZ!Box 7330 5.06 - 6.55 /usr/www/cgi-bin, <long> 23.8k - 27.1k, Link
FRITZ!Box 7330 SL 5.08 - 6.55 /usr/www/cgi-bin, <long> 23.8k - 27.1k, Link
FRITZ!Box Fon WLAN 7340 4.83 - 6.06 /usr/www/cgi-bin, <long> 24.1k - 29.7k, Link
FRITZ!Box Fon WLAN 7360 SL 5.04 - 6.34 /usr/www/cgi-bin, <long> 23.8k - 27.1k, Link
FRITZ!Box Fon WLAN 7360 v1 5.06 - 6.35 /usr/www/cgi-bin, <long> 23.8k - 27.1k, Link
FRITZ!Box Fon WLAN 7360 v2 5.22 - 6.87 /usr/www/cgi-bin, <long> 23.8k - 27.1k, Link
FRITZ!Box 7362 SL 5.53 - 7.13 /usr/www/cgi-bin, <long> 23.8k - 24.3k, Link
FRITZ!Box 7369 6.30 - 6.32 <long> Link
FRITZ!Box Fon WLAN 7390 4.81 - 6.87 /usr/www/cgi-bin, <long> 24.1k - 31.8k, Link
FRITZ!Box 7412 6.21 - 6.87 /usr/www/cgi-bin, <long> 24.2k, Link
FRITZ!Box 7430 6.26 - 7.29 /usr/www/cgi-bin, <long> 24.4k, Link
FRITZ!Box 7490 (main) 5.57 - 7.51 /usr/www/cgi-bin, <long> 23.8k - 24.8k, Link
FRITZ!Box 7510 7.30 - 7.39 <long> Link
FRITZ!Box 7520 6.98 - 7.50 <long> Link
FRITZ!Box 7520 v2 (arm) 7.30 - 7.50 <long> Link
FRITZ!Box 7530 6.93 - 7.51 <long> Link
FRITZ!Box 7530 AX 7.20 - 7.39 <long> Link
FRITZ!Box 7560 6.51 - 7.29 <long> Link
FRITZ!Box Fon WLAN 7570 vDSL 4.70 - 4.94 /usr/www/cgi-bin, <long> 27.2k - 32.5k, Link
FRITZ!Box 7580 6.51 - 7.29 <long> Link
FRITZ!Box 7581 6.54 - 7.16 <long> Link
FRITZ!Box 7582 6.83 - 7.16 <long> Link
FRITZ!Box 7583 7.01 - 7.31 <long> Link
FRITZ!Box 7583 VDSL 7.19 - 7.31 <long> Link
FRITZ!Box 7590 6.83 - 7.51 <long> Link
FRITZ!Box 7590 AX 7.19 - 7.39 /usr/www/cgi-bin, <long> 26.8k, Link
FRITZ!WLAN Repeater N/G 4.65 - 4.88 /usr/www/cgi-bin, <long> 25.0k - 27.2k, Link
FRITZ!WLAN Repeater 300E 5.01 - 6.33 /usr/www/cgi-bin, <long> 23.9k - 27.5k, Link
FRITZ!WLAN Repeater 310 A 5.24 - 7.15 /usr/www/cgi-bin, <long> 23.8k - 26.0k, Link
FRITZ!WLAN Repeater 310 B 6.30 - 7.15 <long> Link
FRITZ!WLAN Repeater 450E 6.00 - 7.14 /usr/www/cgi-bin, <long> 23.8k - 24.3k, Link
FRITZ!Repeater 600 7.11 - 7.29 <long> Link
FRITZ!Repeater 600 v2 7.19 - 7.30 <long> Link
FRITZ!WLAN Repeater 1160 6.51 - 7.14 <long> Link
FRITZ!Repeater 1200 7.11 - 7.29 <long> Link
FRITZ!Repeater 1200 AX 7.27 - 7.39 /usr/www/cgi-bin, <long> 25.2k, Link
FRITZ!WLAN Repeater 1750E 6.12 - 7.30 /usr/www/cgi-bin, <long> 24.3k, Link
FRITZ!Repeater 2400 7.12 - 7.50 <long> Link
FRITZ!Repeater 3000 6.98 - 7.39 /usr/www/cgi-bin, <long> 18.4k - 25.3k, Link
FRITZ!Repeater 3000 AX 7.39 - 7.41 <long> Link
FRITZ!Repeater 6000 7.19 - 7.39 /usr/www/cgi-bin, <long> 25.2k, Link
FRITZ!WLAN Repeater DVB-C 6.12 - 7.02 /usr/www/cgi-bin, <long> 24.3k, Link
FRITZ!Powerline 540E 5.58 - 7.14 /usr/www/cgi-bin, <long> 23.8k - 24.4k, Link
FRITZ!Powerline 546E 5.50 - 7.10 /usr/www/cgi-bin, <long> 23.8k - 24.4k, Link
FRITZ!Powerline 1240E 6.33 - 7.14 <long> Link
FRITZ!Powerline 1260E 6.90 - 7.29 <long> Link
FRITZ!Powerline 1260 7.08 - 7.29 <long> Link
FRITZ!Smart Gateway 7.39 - 7.51 <long> Link
congstar DSL-Box 4.25 - 4.81 /usr/www/cgi-bin, <long> 22.9k - 67.1k, Link
congstar komplett Box 4.68 - 4.81 /usr/www/cgi-bin, <long> 24.6k - 25.6k, Link
Speedport W 501V 3.93 - 4.38 /usr/www/cgi-bin, <long> 31.5k - 35.3k, Link
Speedport W 503V 4.68 - 4.81 /usr/www/cgi-bin, <long> 24.6k - 25.6k, Link
Speedport W 503V MK 4.79 /usr/www/cgi-bin, <long> 29.8k, Link
Speedport W 701V 4.25 - 4.81 /usr/www/cgi-bin, <long> 22.9k - 67.1k, Link
Speedport W 721V 4.74 - 4.75 /usr/www/cgi-bin, <long> 24.0k - 24.6k, Link
Speedport W 722V 4.76 - 4.79 /usr/www/cgi-bin, <long> 24.0k - 24.6k, Link
Speedport W 900V 4.21 - 4.57 /usr/www/cgi-bin, <long> 22.9k - 67.1k, Link
Speedport W 920V 4.78 - 4.79 /usr/www/cgi-bin, <long> 25.0k - 25.6k, Link
Speedport W 101 Bridge 4.68 /usr/www/cgi-bin, <long> 24.2k, Link
Eumex 300 IP 3.29 - 4.44 /usr/www/cgi-bin, <long> 31.1k - 35.5k, Link
Alice IAD 5130 4.65 - 4.71 /usr/www/cgi-bin, <long> 23.0k, Link
Alice IAD WLAN 3331 4.90 /usr/www/cgi-bin, <long> 27.4k, Link
Alice IAD 7570 vDSL 4.86 - 5.09 /usr/www/cgi-bin, <long> 27.2k, Link
148 models use this command

Symbols

Daily updated index of all symbols of this command. Last update: 2023-02-07 07:21 GMT.

Firmware Symbol
4.68 - 7.19 GetSessionId
4.63 - 7.27 Interpreter_Error_Callback
4.63 - 7.27 Interpreter_Open_Callback
4.63 - 7.27 Interpreter_Query_Callback
1.120 - 3.14 Log
4.63 - 7.19 NameWithoutVarPrefix
4.30 - 5.24 QueryCache_Exit
4.30 - 5.24 QueryCache_Insert
4.30 - 5.24 QueryCache_Lookup
4.52 - 5.09 ReferrerViolation
4.68 - 7.19 SetSessionId
1.120 - 7.19 add_debug_error
1.63 - 7.27 check_response
1.120 - 4.99 copy_buffer
1.63 - 4.99 do_display_page
1.63 - 7.27 do_post
1.120 - 4.99 fill_buffer
1.120 - 4.99 free_buffer
1.63 - 5.09 get_input
1.120 - 7.19 getcgivars
1.120 - 4.99 insert_text
4.28 - 7.19 is_post_write_access_violation
4.28 - 7.19 is_read_access_allowed
4.28 - 7.19 is_write_access_allowed
1.63 - 4.30 isloggedin
1.63 - 7.19 login
1.63 - 7.27 main
1.120 - 5.09 msgr_makeTransSetPost
1.120 - 4.99 new_buffer
1.63 - 7.19 parse_cgivars
4.28 - 5.09 parse_cgivars_from_parameter
1.63 - 4.99 parse_string
4.28 - 5.09 set_write_access
1.63 - 5.09 setup_input
1.120 - 4.99 size_buffer
1.120 - 5.09 unescape_url
1.120 - 5.09 valid_string
1.120 - 4.99 write_buffer
1.120 - 4.99 x2c
39 symbols for this command

SMW-Browser

Information is currently being retrieved from the backend.