That shouldn’t even be a thing happening in this decade! The default password barely enters into it. Vendor leaves giant foot gun. Customer blows foot off.
I think I read somewhere that it's a lot harder to hack home networks than enterprise systems, which makes very much sense to me.
I think this is misleading, because the reason for this hack is not technical issue. The strongest passwd is useless if it's transparent like this.
I can understand that shipping with no passwd included is also somewhat awkward or perhaps even not allowed by regulation