I think it is more complicated than that. It is “closed but not closed”. The antecedent “If users cannot create new accounts to report bugs” is not necessarily true. It’s just that it is now harder to get an account than it used to be - and if the reason that it is now harder is because of malicious parties, you don’t necessarily want to make it either easy or obvious to those malicious parties.
So in this case the score may be: malicious parties 1, all the rest of us 0.
I think you want the “Standard” login option, not the LDAP login option, but you should contact support (firstname.lastname@example.org) because, as I understand it, requests for accounts have to be approved manually anyway.
Also, if this is a bug in the hardware, that particular mechanism for reporting may not be the right one.
What hardware (i.e. what model) are we talking about?