A slew of high-severity flaws have been disclosed in PrinterLogic printer management service. The three flaws enable an unauthenticated attacker to launch remote code execution attacks on printers. No patch is currently available, according to an advisory. The most serious of the flaws (CVE-2018-5408) stems from the Printerlogic software failing to validate the management portal s secure sockets layer (SSL) certificate. The software executes code without sufficiently verifying the origin and integrity of the code.
Source: https://threatpost.com/printerlogic-remote-code-execution/144383/