[fulafel]

> This allows us to enumerate a particular subset of active IPv6 hosts which can then be scanned.

So if you have turned off the firewall in your CPE, someone might heave an easier time scanning your network, without having to find your ip address from a http access log or using webrtc etc.

The property of scanning resitance due to address sparsity in IPv6 is not very strong (nor is it meant to be a security boundary) and there are many things like this that can go around it.