Brother Industries, a Japanese multinational electronics and electrical company, has had a critical vulnerability surface in their printers recently.
The vulnerability, CVE-2017-16249, allows an attacker to carry out a denial of service (DoS) attack without the victim’s knowledge.
The attack is executed by sending a malformed HTTP POST request, following the request the attacker will receive a 500 error code in response. The webserver is rendered inaccessible which will cease all printing functions. At the time of this article being written, there are more than 16,000 vulnerable devices for attackers to exploit.
The company has been notified multiple times however, the vulnerability is still unpatched. Users are advised to use a firewall along with restricting access to the device.