The printers in question use the Debut embedded http server to host their Web interfaces and are network-connected business and consumer multifunction devices.
An advisory from Trustwave said that the Debut server had a flaw whereby a single malformed HTTP request could cause the printer in question to hang, with an eventual HTTP 500 error message being returned.
Printing jobs were blocked and the Web interface became unavailable as a result.
Trustwave said it had tried to contact Brother about this issue many times but the company did not appear to have made a patch available.
"In order to mitigate this issue, admins are left to their own devices. Strict access control is in order here and using a firewall or similar device to restrict Web access to only those admins that need it will help to mitigate the threat here," the company said.
It said it had found a little more than 16,000 vulnerable devices accessible from the Internet.
Trustwave has released proof-of-concept code for exploiting the flaw.