Admin cookies are written in clear-text in logs. An attacker can retrieve them and bypass the authentication mechanism. As for the affected products/models/versions, see the reference URL.
https://www.toshibatec.com/information/pdf/information20240531_01.pdf
https://www.toshibatec.com/information/20240531_01.html