“In the code in Figure 2, the device mounts a remote NFS share from a host at an IP address that is not
registered to the device manufacturer but is registered to a university. The research team did not observe
communication to the university’s IP, only attempts by the device to reach out”

https://www.cisa.gov/resources-tools/resources/contec-cms8000-contains-backdoor