I think the listing of "non-obvious" functionality is interesting. For instance, would you have expected to be able to use gimp to get a reverse shell? Would you have thought of using lp as an exfil tool? Or just bashing your exfil into base64-encoded whois requests?
Living off the land is always a fascinating topic, at any level.
If it can perform arbitrary file writes (or even reads) then sure, I'm not at all surprised. A program with root access to the filesystem should be assumed to be a latent portal to arbitrary root execution, unless very thoroughly proven otherwise.
There's a reason setuid is considered such a dangerous bit, and why "get root via this secure-looking setuid program" is a common exercise in computer security courses. Gotta look out for path traversals, TOCTOU, untrusted environment variables etc.
Part of the logical problem is the clash of security models. The program may well have been written to guard against untrusted input, but considers that to only be input files, not the commands the user gives, on the basis that "well, if the user wants to hurt themselves by writing to /etc/shadow then it's their choice". But the situation in practice is a confused deputy problem, where the sysadmin wants the user to be restricted (despite the process not being restricted) but the program doesn't "know".
In a previous role we had some access to production web servers but definitely not root access. Except for sudo access to vim which was widely abused as a way of getting a root shell when necessary. Fun times.
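Added example (not part of the thread, and not code from any project it discusses): a small audit that flags sudoers rules of the kind described above, where a restricted user is granted a general-purpose program as root. The sample rules are constructed, the watchlist contains only the programs named in this thread, and the parser is a simplification that handles plain user specifications only.

```python
import os
import re

# Illustrative watchlist: only the programs named in this thread.
# A real audit would use a maintained list instead.
WATCHLIST = {"vim", "gimp", "lp", "whois"}

# Constructed sample sudoers rules (not taken from any real system).
SAMPLE = """\
deploy  ALL=(root) NOPASSWD: /usr/bin/vim, /usr/bin/systemctl restart nginx
backup  ALL=(root) /usr/bin/lp
ops     ALL=(root) NOEXEC: /usr/bin/vim /etc/nginx/nginx.conf
audit   ALL=(root) sudoedit /etc/nginx/nginx.conf
admin   ALL=(ALL) ALL
"""

# user host = (runas) commands; aliases and escaped commas are not handled.
SPEC = re.compile(r"^(\S+)\s+\S+\s*=\s*(?:\([^)]*\)\s*)?(.*)$")
TAG = re.compile(r"^([A-Z_]+):\s*")

def audit(text):
    """Return (user, program, mode) for each rule that needs review."""
    findings = []
    for line in text.splitlines():
        line = line.strip()
        m = SPEC.match(line)
        if not m or line.startswith(("#", "Defaults")):
            continue
        user, cmds = m.groups()
        noexec = False  # sudoers tags carry over to later commands in the list
        for cmd in (c.strip() for c in cmds.split(",")):
            while (t := TAG.match(cmd)):
                if t.group(1) in ("NOEXEC", "EXEC"):
                    noexec = t.group(1) == "NOEXEC"
                cmd = cmd[t.end():]
            prog = os.path.basename(cmd.split()[0]) if cmd else ""
            # NOEXEC stops the program from running further commands, but it
            # still runs as root and can read or write files, so it is reported.
            if cmd == "ALL" or prog in WATCHLIST:
                findings.append((user, prog, "noexec" if noexec else "unrestricted"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

The `sudoedit` rule is not flagged: it edits a copy of the file as the invoking user, so the editor itself never runs as root.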