Geekzone: technology news, blogs, forums


Hatch

816 posts

Ultimate Geek
+1 received by user: 57


#208483 13-Feb-2017 22:59

Whilst changing some wifi settings on my 7490 I noticed 5 entries this evening:

 

Login of user admin to the FRITZ!Box user interface from the IP address 80.82.64.127 failed (incorrect password).

 

IP geo lookup shows the connection is from the Seychelles.

 

Googling the IP address shows that it has been banned for allegedly being the source of hacking from the last few years.

 

I have a static IP address and have had one for a few years. Any point in asking for a new static IP address?

 

I spoke to a 2degrees rep but she didn't really know what I was going on about. She did confirm that 2degrees weren't behind the access attempts via the Seychelles.

 

Any suggestions as to what I should/can do, or is this merely run-of-the-mill random attacks?


This is a filtered page: currently showing replies marked as answers.

2degreesCare
1537 posts

Uber Geek
+1 received by user: 274

Trusted
2degrees

  #1720123 14-Feb-2017 16:53

Hi All,

 

This sounds a lot like the old exploit in the fritzbox firmware that has been patched for some time, it's almost as if the exploit remained after firmware updates, and is just now having access attempted (and failing as a result of the changes from the patching). Can those affected please message me with your broadband usernames, CWMP numbers from the bottom of the modems and current firmware version, and I'll check it out for you.

 

michaelmurfy:

 

Oblivian:

 

michaelmurfy: I'd strongly recommend turning off any external access to your router's services. It only takes a single exploit then they've got control over your whole network.

 

It would appear it's how they manage the configurations and updates with CPS. They put a snapadmin user on with remote access after all. And have seen it update before by them.

 

Crap that is bad. Opened to the world and not whitelisted to their own management network is a terribly bad security practice no matter how secure they think the Fritz!Box is. Any open ports on an embedded system is a terrible idea. I would say it could well be Mirai attempting to brute force.

 

 

Our CPE management is restricted to our management range only, and is only enabled on-request from our systems through TR-069 with our unique tokens. If the device has a snapadmin credential in it, this will be a very old config that has likely not successfully been migrated on to our managed system.

 

Thanks,

 

Ralph ^JOB
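
The check below is an added example, not code from this thread, 2degrees or AVM: it parses event-log lines in the format quoted in the first post, counts failed logins per source, and reports sources that are neither on the LAN nor in a management range. The management range (192.0.2.0/24), the LAN address and the non-login line are constructed placeholders.

```python
import ipaddress
import re
from collections import Counter

# Message format as quoted in the first post; the post does not show the
# log's timestamp prefix, so the pattern is searched anywhere in the line.
FAILED_LOGIN = re.compile(
    r"Login of user (?P<user>\S+) to the FRITZ!Box user interface "
    r"from the IP address (?P<ip>\S+) failed \(incorrect password\)\."
)
# Assumption: placeholder management range (RFC 5737 documentation block).
MANAGEMENT_NETS = [ipaddress.ip_network("192.0.2.0/24")]

def classify(ip_text):
    """Return 'management', 'lan' or 'internet' for a source address."""
    ip = ipaddress.ip_address(ip_text)
    if any(ip in net for net in MANAGEMENT_NETS):
        return "management"
    if ip.is_private or ip.is_loopback or ip.is_link_local:
        return "lan"
    return "internet"

def summarise(log_lines):
    """Count failed UI logins per (source IP, origin, user)."""
    counts = Counter()
    for line in log_lines:
        m = FAILED_LOGIN.search(line)
        if not m:
            continue
        try:
            origin = classify(m["ip"])
        except ValueError:  # address field was not a valid IP
            origin = "unparsed"
        counts[(m["ip"], origin, m["user"])] += 1
    return counts

def internet_sources(counts):
    """Sources whose attempts show the login page is reachable from the WAN."""
    return sorted({ip for (ip, origin, _user) in counts if origin == "internet"})

# Constructed sample: the quoted entry five times, one LAN typo, one other event.
ENTRY = ("Login of user admin to the FRITZ!Box user interface from the "
         "IP address {} failed (incorrect password).")
SAMPLE_LOG = [ENTRY.format("80.82.64.127")] * 5 + [
    ENTRY.format("192.168.178.20"),
    "Some unrelated event line (constructed).",
]

if __name__ == "__main__":
    for key, n in summarise(SAMPLE_LOG).items():
        print(n, *key)
```

Any address returned by `internet_sources` means the user interface answered a login attempt from outside, which is the exposure the quoted advice about turning off external access addresses.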

