Remote attack surface of router in bridge mode

Bridge mode removes most of the normal router-side exposure, but I would not treat an unpatched cable router as having no attack surface. The DOCSIS/modem side is still managed by the ISP network, and some boxes leave a management UI or services reachable on a local management IP even while bridged. If you use it, I’d at least disable Wi-Fi/telephony/remote admin/UPnP on the Fritzbox, check whether its web UI is reachable from the OpenWrt side, and keep the OpenWrt router doing all firewalling. For a low-risk home setup it may be acceptable as a stopgap, but if you are trying to avoid unmaintained firmware entirely, a supported modem from the ISP is the cleaner option.