>that means the traffic is vulnerable to some sort of MITM attack by DNS poisoning/packet rerouting

Because it uses https? OP gets around this by manually injecting his certificate, but if you have physical access to a device it's generally considered to be game over in most threat models.