CVE-2023-3897

MEDIUM

SureMDM On-premise <6.31 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2023-3897. PoCs published by Jonas Benjamin Friedli, jFriedli.

AI-analyzed exploit summary This exploit bypasses CAPTCHA to enumerate valid users in SureMDM On-premise versions <= 6.31 by sending POST requests to the ForgotPassword endpoint and checking for a specific error message.

Description

Username enumeration is possible through Bypassing CAPTCHA in On-premise SureMDM Solution on Windows deployment allows attacker to enumerate local user information via error message. This issue affects SureMDM On-premise: 6.31 and below version

Exploits (2)

exploitdb WORKING POC

by Jonas Benjamin Friedli · textwebappsmultiple

https://www.exploit-db.com/exploits/51804

View Code ZIP pw:eip

This exploit bypasses CAPTCHA to enumerate valid users in SureMDM On-premise versions <= 6.31 by sending POST requests to the ForgotPassword endpoint and checking for a specific error message.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: SureMDM On-premise <= 6.31

No auth needed

Prerequisites: Network access to the target SureMDM instance · A list of potential usernames/emails to test

MITRE ATT&CK

T1589.001 - Credentials

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec WORKING POC

by jFriedli · poc

https://github.com/jFriedli/CVE-2023-3897

View Code ZIP pw:eip

The repository contains a functional Python script that exploits CVE-2023-3897, a CAPTCHA bypass vulnerability in SureMDM On-premise versions <= 6.31, allowing user enumeration via error messages. The exploit sends POST requests to a specific endpoint and checks for a response indicating whether a user exists.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: SureMDM On-premise <= 6.31

No auth needed

Prerequisites: Target URL · List of usernames to test

MITRE ATT&CK

T1592 - Gather Victim Host Information

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2

Core References

Vendor Advisory

https://www.42gears.com/security-and-compliance

Exploit, Third Party Advisory

http://packetstormsecurity.com/files/177179/SureMDM-On-Premise-CAPTCHA-Bypass-User-Enumeration.html

Scores

CVSS v3 4.8

EPSS 0.0129

EPSS Percentile 80.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

Details

CWE

CWE-203

Status published

Products (1)

42gears/suremdm < 6.31

Published Jul 25, 2023

Tracked Since Feb 18, 2026