On Monday we reported that FritzOS 7.57 and FritzOS 7.31 had been released for more than 25 (!) Fritzbox models. It is now clear that the updates should be installed on the affected Fritzbox devices as soon as possible. The release notes for the new FritzOS version state only that it improves stability and security.
On its security page, AVM explains that FritzOS 7.57 (and thus also FritzOS 7.31) is a “necessary stability and security update” and that details of the closed vulnerability are to be “published at a later date”. That sounds rather more dramatic.
Speculation about the vulnerability
There is already speculation online about what kind of vulnerability this could be. The website “Borncity.com” points to an Italian forum that speculates about a serious vulnerability that allowed attackers to gain access to Fritzbox devices via port 443. Specifically, the post concerns the Fritzbox 7590, but other Fritzbox models could also be affected. The vulnerability is already being actively exploited by attackers, which would explain why AVM delivered the update for so many Fritzbox models in one fell swoop.
In the Italian-language forum post, AVM is quoted as saying: “AVM is aware of cases in which Internet access via PPPoE and/or registration on the FRITZ!Box 7590 user interface is no longer possible. AVM is currently examining the problem in detail.”
What users affected by an attack can do
Affected users are advised to log in to fritz.box if possible and then select the entry “Internet” under “Assistants” to re-establish the Internet connection. If it is not possible to log in to fritz.box, users should click on “Forgot your password” on the login page and follow the instructions. The new FritzOS version should then be installed immediately.
A FritzOS update has been available for these Fritzbox models since September 4, 2023!
Fritzbox model | FritzOS version |
---|---|
Fritzbox 7590 AX | 7.57 |
Fritzbox 7590 | 7.57 |
Fritzbox 7583 VDSL | 7.57 |
Fritzbox 7583 | 7.57 |
Fritzbox 7580 | 7.30 |
Fritzbox 7560 | 7.30 |
Fritzbox 7530 AX | 7.57 |
Fritzbox 7530 | 7.57 |
Fritzbox 7520 | 7.57 |
Fritzbox 7510 | 7.57 |
Fritzbox 7490 | 7.57 |
Fritzbox 7430 | 7.31 |
Fritzbox 7390 | 6.88 |
Fritzbox 7362 SL | 7.14 |
Fritzbox 6890 LTE | 7.57 |
Fritzbox 6690 Cable | 7.57 |
Fritzbox 6660 Cable | 7.57 |
Fritzbox 6591 Cable | 7.57 |
Fritzbox 6590 Cable | 7.57 |
Fritzbox 6490 Cable | 7.57 |
Fritzbox 5590 Fiber | 7.57 |
Fritzbox 5530 Fiber | 7.57 |
Fritzbox 5491 | 7.31 |
Fritzbox 5490 | 7.31 |
Fritzbox 4060 | 7.57 |
Fritzbox 4040 | 7.57 |
Fritzbox 3490 | 7.31 |
How to update your Fritzbox
The quickest way to get the update is to enter “fritz.box” in the browser of your choice. Log in and then, in the left sidebar of the FritzOS interface, go to “System” and then “Update”. In the “Fritz!OS version” tab, click on the “Search for new Fritz!OS” button.
Alternatively, the Fritzbox also searches for newly available updates automatically and installs them itself after some delay. However, the auto-update function must be activated for this. The corresponding setting can be found under “System, Update” in the “Auto-Update” tab. Here you can also set the time period within which updates may be installed. If you do not change the setting, the Fritzbox will update itself at night while you sleep. During the update, the Internet connection will be interrupted for a short time.
By the way: This article gives you an overview of which FritzOS version is currently available for each AVM device. There we also list the devices for which the manufacturer does not offer support.