Evidence of it opening a reverse shell would be wild, and should be possible to spot, if it’s happening, by monitoring what network traffic to that domain looks like.
Beyond that, companies being able to push changes via custom firmware is sort of the normal state of consumer IoT devices. And it doesn’t really imply the kind of broad “the whole engineering team can access my LAN” that the OP is speculating about.
Now, from a design standpoint, using SSH to pull firmware updates would be a bit of a wonky choice. But the world is full of wonky choices.
Beyond that, companies being able to push changes via custom firmware is sort of the normal state of consumer IoT devices. And it doesn’t really imply the kind of broad “the whole engineering team can access my LAN” that the OP is speculating about.
Now, from a design standpoint, using SSH to pull firmware updates would be a bit of a wonky choice. But the world is full of wonky choices.