Not to mention all the strings in the QR are length checked, and the QR itself is highly limited in size (QR reading rejects QRs not at a specified size).Everyone asking if this is a primary exploit or saying it's one....
Really guys? Please look at the Video again.
He is editing the name of HIS OWN secret base team.
Which apparently then loads a faulty string (from the manipulated name) and this leads to loading a payload for Homebrew.
In this case it acn't be a primary exploit because you have to get the name in there somehow. And since you have a cahracter limit and can't use all characters you can't simply type it their on your own.
If this could be done with a downloaded QR Code base you'd have a chance, but this will probably just crash you when trying to load the base or tell your the base is invalid.