Attackers can bypass the web login authentication process to gain access to the printers system information and upload malicious drivers to the printer. As for the affected products/models/versions, see the reference URL.
A product requires authentication, but the product has an alternate path or channel that does not require authentication.