[Modem Request] Arris CM3500B

[ChBi89]

Modem Model

CM3500B

Manufacturer

Arris

Modem IP Address

192.168.100.1

Authentication Required

Yes - requires username/password

Authentication Details (if required)

Authorization seems to be done via a POST of form data to https://192.168.100.1/cgi-bin/login_cgi (untrusted certificate)
the fields are called 'username' and 'password', for some reason i dont see this in the har file...
The response header sets a cookie called 'credential' which seems to be used going forward,
it seems it is more of a session identifier as the content changes across logins

How are you providing data?

HAR Capture - Used playwright script (for auth issues)

Files Attached

modem_20251219_020111.sanitized.har.gz

Relevant content seems to be mostly in the
GET call to https://192.168.100.1/cgi-bin/status_cgi which returns HTML with downstream/upstream info and uptime

I did navigate the other pages, but I dont think they are needed for the time beeing

Improved sanitization
Removed Serial Number from HTML Table in
https://192.168.100.1/cgi-bin/vers_cgi changed to REDACTED (one occurance)

Cookies with the name credential were sanitized in the headers section, but not in the cookies section of the har
replaced the value with REDACTED (10 occurances)

The _securityDetails section has the certificate issued to something that looks like a serialnumber (subjectName),
but it is not the official one displayed or printed on the box,
but it might be unique to my device. so I replaced it with REDACTED (25 occurances)

Additional Information

About the provider
ISP is Vodafone Germany on its past Unitymedia network

About the Modem
System: ARRIS DOCSIS 3.1 / EuroDOCSIS 3.0 Touchstone Cable Modem
HW_REV: 3
VENDOR: ARRIS Group, Inc.
BOOTR: 2.2.32.703059
SW_REV: 11.05.042.02.EURO.NCS
MODEL: CM3500B

Checklist

• I have used Fallback Mode + Capture HTML, OR sanitized my files to remove PII
• I have searched my capture file for my WiFi SSID and password to verify they're not present
• I understand this may take time as it requires developing a custom parser
• I'm willing to test the parser once it's developed

[ChBi89]

If you need anymore input let me know. If you are patient and assign it to me I can probably get it done myself aswell, but you might need to review the code and nudge me a bit if its not fitting your style ;)

[kwschulz]

Hey @ChBi89, nice submission - the HAR capture and notes were really helpful.

Pushed a parser to feat/cm3500b-parser. Channel parsing works against the fixtures - downstream/upstream QAM, OFDM, uptime, etc. Even found a fun firmware quirk where the upstream OFDM table has more data columns than headers.

The clean data capture is what made this fast - I let AI generate the fixtures, tests, and parser. That's the power of good captures. Auth is the one piece I'm less confident on. The login POST didn't make it into the HAR (our capture tool has a bug I'm fixing), so AI had to guess based on the form structure.

Since you offered to help - want to take it for a spin? If auth doesn't work, happy to help debug or walk you through the code.

[ChBi89]

Hey Ken,
seems to be at least partially working, after selecting the modem in the drop down and entering my credentials, it does not seem to actually retrieve the data, but looking at the built in diagnostics json, it seems it is able to retieve contentent from https://192.168.100.1/cgi-bin/vers_cgi ... but not from https://192.168.100.1/cgi-bin/status_cgi .

Both do require login, so my guess now is that this is execution order.
A json list perse has no order, but it standsout that the order in the json is:

1. retrieve status page (failed)
2. login
3. retrieve version page (success)

None of the entities in Home Assistant have any values:

See diagnostics json:
config_entry-cable_modem_monitor-01KCTKDAN1126HQFX5VKS5XY9X.json

[ChBi89]

so I am carefully optimistic that it's just something small(ish).
I will also have a look at the code, but might need some time to familiarize myself.
Will start having a look at the checkins of this branch :)

[ChBi89]

Reading your checkin with the instructions for the AI "If user describes auth flow but says "I don't see it in the capture" or similar, STOP and request re-capture." and seeing you improved the capture in another checkin, here is an updated capture, i did the same sanitization as mentioned in the start of the ticket, but this time arround we see the post of the form data, which should help validate the mechanism.

for some reason it seems i can not upload in comments anymore ... https://pastebin.com/z0TncSmK

[ChBi89]

From my Home Assistant Logs, it actually looks like login works, but it gets a bit upset about parsing the OFDM-1 as integer ...
but that means that the login probably did work...?
why the content in the diagnostics is empty i don't necessarily understand.

2025-12-19 07:05:32.034 WARNING (MainThread) [custom_components.cable_modem_monitor.config_flow] Performing quick connectivity check to 192.168.100.1
2025-12-19 07:05:32.229 WARNING (MainThread) [custom_components.cable_modem_monitor.config_flow] Quick connectivity check PASSED for 192.168.100.1
2025-12-19 07:05:32.230 WARNING (MainThread) [custom_components.cable_modem_monitor.config_flow] Creating scraper for 192.168.100.1
2025-12-19 07:05:32.230 WARNING (MainThread) [custom_components.cable_modem_monitor.config_flow] Attempting to connect to modem at 192.168.100.1
2025-12-19 07:05:33.720 WARNING (MainThread) [custom_components.cable_modem_monitor.config_flow] Detection successful: {'modem_name': 'ARRIS CM3500B', 'manufacturer': 'ARRIS', 'successful_url': 'https://192.168.100.1/cgi-bin/status_cgi', 'docsis_version': '3.1', 'fixtures_path': 'tests/parsers/arris/fixtures/cm3500b', 'fixtures_url': 'https://github.com/solentlabs/cable_modem_monitor/tree/main/tests/parsers/arris/fixtures/cm3500b', 'verified': False, 'supports_icmp': True}
2025-12-19 07:05:35.154 WARNING (MainThread) [custom_components.cable_modem_monitor] Scraper failed but modem is responding to health checks: invalid literal for int() with base 10: 'OFDM-1'
2025-12-19 07:06:11.172 WARNING (MainThread) [custom_components.cable_modem_monitor] Scraper failed but modem is responding to health checks: invalid literal for int() with base 10: 'OFDM-1'

Thanks for all your help already!!

[kwschulz]

Nice detective work!

You're on the right track — check how the parser sets OFDM channel IDs (lines 270 and 397 in cm3500b.py). The core code expects integers, but we're passing strings like "OFDM-1". The modulation field already signals the channel type, so the prefix is redundant.

Tests will need updating too (lines 139 and 190 in test_cm3500b.py).

[ChBi89]

thanks for the hint, will have a look :)

[ChBi89]

Looks promising, will check data etc and prepare a commit

You like a simple commit in the same branch, or rather a new branch from the feature branch :)

[ChBi89]

there is some more issues beyond the above, will take a closer look later (US QAM channels have no data).

I also want to make sure system_info can be read properly, about that a quick question. Obviously we have two 'soups' with interresting data, especially for system data we need to use both, does anothers modems parser do this already (so i can get some inspiration)?

Currently I am unclear whether there is a way to target a specific 'soup' (from one url vs the other).
Or whether the parses always run over all soups and just set the information they can find. If the later is the case we need to be careful to not set certain properties in system info and make sure we can merge the system info from two different soups..

eg uptime is on the status page, and sw version on the version page, but both contribute to system_info.

sry still getting a hang of this code