Fritz!Box security warning

✨ Quic broadband | Apple TV | Samsung | AliExpress | Wise | Sharesies

Welcome Guest.

You haven't logged in yet. If you don't have an account you can register now.

Forums › LAN (ethernet/Wifi/routers/Bluetooth) › Fritz!Box security warning

freitasm

BDFL - Memuneh
80685 posts

Uber Geek
+1 received by user: 41138

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#312493 22-Apr-2024 09:32

Send private message

Fritz!Box routers create a sub-domain on fritz.box to make browsing local devices in your network easier.

Assume your NAS hostname is "nas". An address is added from the DHCP requests so your NAS can be accessible by using a domain name such as nas.fritz.box instead of an IP address.

This is a feature of the Fritz!Box DNS server. This server will always return a private IP address.

The .box TLD is now available and someone registered fritz.box.

While this will not impact people using the default Fritz!Box DNS, it will be resolved if they use an external DNS such as 1.1.1.1, 8.8.8.8, AdGuard or even one run inside their network, like AdGuard or PiHole.

If you use an external DNS, your lookup for nas.fritz.box will return an external IP address controlled by unknown parties.

Again, this does not affect the Fritz!Box in its default configuration, only if you use a different DNS setting.

For example:

c:\> nslookup nas.fritz.box 8.8.8.8

Server: dns.google
Address: 8.8.8.8
Name: nas.fritz.box
Addresses: 2001:19f0:6c00:1b0e:5400:4ff:fecd:7828 45.76.93.104

I have replaced my Fritz!Box a few years ago, but I have one Windows laptop that still adds ".fritz.box" to some lookups, even long after not being connected to a Fritz!box.

If your DNS service or router allows, you should block any lookup to a domain within .fritz.box to be safe.

This is what my network returns if I try the same lookup with my custom DNS:

c:\> nslookup nas.fritz.box

Server: UnKnown
Address: 192.168.2.1
Name: nas.fritz.box
Addresses: :: 0.0.0.0

More information:

https://crapts.org/2024/04/21/all-fritz-box-modems-have-been-hijacked/

https://news.ycombinator.com/item?id=40106336

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

This is a filtered page: currently showing replies marked as answers. Click here to see full discussion.

reven

3748 posts

Uber Geek
+1 received by user: 874

Trusted

#3221300 22-Apr-2024 10:12

Send private message

I believe this fixes it if using pihole, under "Domains" adding a regex blacklist.

nslookup returns 0.0.0.0 now for me, vs before it would return the "2001:19f0:6c00:1b0e:5400:4ff:fecd:7828 / 45.76.93.104".

News and reviews »

Dyson Clean+Wash Hygiene Floor Cleaner Review
Posted 17-Apr-2026 14:40

Blink Outdoor 2K Security Camera Review
Posted 17-Apr-2026 10:28

Gallagher Security Launches Major National Recruitment Drive
Posted 15-Apr-2026 17:12

GoPro Announces New MISSION 1 Line of Professional 8K and 4K Compact Cinema Cameras
Posted 15-Apr-2026 17:09

Instax mini 13 Introduces Hands-free Shooting
Posted 14-Apr-2026 17:05

Philips Hue Play Wall Washer Review
Posted 13-Apr-2026 14:00

Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Support Geekzone »

You can support Geekzone with a one-off or recurring donation via PressPatron.

RSS feeds: Main feed; Forums feed
Copyright: ©2002-2026 Geekzone®

Site features: Geekzone BI dashboard; Geekzone Badges; Geekzone Status Page

Site Information: Subscribe to Geekzone; Privacy Statement; Forum Usage Guidelines (FUG); Advertising; Trademark and copyright