# CVE-2023-3897
Username enumeration is possible through Bypassing CAPTCHA in On-premise SureMDM Solution on Windows deployment allows attacker to enumerate local user information via error message. <br /> <br />
This issue affects SureMDM On-premise: 6.31 and below version
- https://nvd.nist.gov/vuln/detail/CVE-2023-3897
- https://www.42gears.com/trust-center/information-security/security-advisories/42g-2023-003/
- https://www.exploit-db.com/exploits/51804
```
searchsploit -x multiple/webapps/51804.txt
```
[4.0K] /data/pocs/0e738ce5bec94ad6749731b6527aa6e0cd43e670
├── [1.6K] exploit.py
└── [ 516] README.md
0 directories, 2 files