Did they really think it is ok to include a remote access without telling customers?!
I guess this more often the case than people realize (especially with such hobby level hard- and software), but it actually is a huge security risk. Because once you are on a Raspyberry Pi in a customers network, there are no limits..