A vulnerability has been confirmed in some Epson printers, scanners, and network interface products in the software (Web Config) that allows you to check the product’s status or change its settings via a web browser.

Affected devices are listed here: https://www.epson.jp/support/misc_t/240930_03_oshirase.htm

Epson recommends to not connect the product directly to the Internet. Install the product in a network protected by a firewall and in that case, set a private IP address and operate the product. The administrator password should be a complex string of characters that is difficult for others to guess, such as a combination of not only English letters but also symbols and numbers and be eight characters or more in length.

Source: therecycler