I also think that this is where fuzzers shine: they can find bugs which neither a white-box nor a black-box tester would have ever thought about. By virtue of randomness, they can think outside the box, so to speak.
Now, they have other undesirable characteristics, such as non-determinism, lack of intelligence in the walk through the input space, poor analysis of the test results (“does not crash or invoke UB” is a very low standard for working code, and if you can define more precisely the behaviour of a working system, you can write the test yourself), or an intrinsically slow and wasteful mode of operation, which is why IMO they should always be used as a last resort option after everything else has been tried.
But for sensitive code which needs to process fully untrusted user input (e.g. bytes from a network), which has more internal complexity than a human can grasp, or which has never been subjected to proper testing when it was initially written, they seem like a good complement to other testing methodologies.