Web interfaces in embedded systems are very common remote exploit mechanisms, so this anecdote for sure isn't the typical experience.