@wdormann
I checked your link, so the majority seems to be actual vulnerabilities: configuration issues, weak cryptography, implementation mistakes etc, that if an attacker analyze the device and figure it out, could exploit these vulns and install a backdoor.
xz backdoor, is pretty much