One final update - did some IR on an impacted device, it looks like CVE-2022-40684 based on artefacts left behind.
It also looks like the data was assembled in October 2022 and only just released, looking back at historic IP records vs the dump. So basically if your config might be in the dump even if you patched, as it was a zero day at the time.
Also in the dump is complete firewall rules for the devices.