There is no limit to the number of attempts to authenticate for the local configuration pages for the Hills ComNav Version 3002-19 interface, which allows local attackers to brute-force credentials.
Credits
Jacob Thompson of Flinders University, Dr. Paul Gardner-Stephen of Flinders University and DEWC Systems, and Dr. Samuel Chenoweth of Defence Science and Technology Group reported these vulnerabilities to Carrier.
