The article doesn't disclose the value of "sys.rzadmin.password", but this writeup from 2022 does:
https://boschko.ca/tenda_ac1200_router/
Spoiler: it's "rzadmin". And it looks like there are a bunch of other goodies in the firmware, too.
That backdoor is so up front about it. We might as well call it a frontdoor.
Sounds like a convenience feature for a dev that they forgot to remove before distribution, since it's this poorly hidden.
At that point it’s not even a back door it’s just stupid default root password kind of design which used to be standard in this kind of hardware. Backdoor would at least try to be subtle :)