[Nacraile]

"Shodan searches indicate that the backdoor affects over 600.000 externally accessible hosts"

It doesn't look like this is LAN-only.

Even if it were, an escalation from unprivileged code execution on a single device to MITM any connection out of a network hardly seems "low priority".

[johncolanduoni]

I'm guessing they used Shodan to locate the models they knew were affected (i.e. by model numbers), not to try the backdoor on unsuspecting devices (which would be illegal).