> For the complete documentation index, see [llms.txt](https://strik3r.gitbook.io/strik3r-blog/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://strik3r.gitbook.io/strik3r-blog/security-research/cves-pocs/cve-2023-37831.md).

# CVE-2023-37831

### <mark style="color:yellow;">**Description**</mark>&#x20;

Elenos ETG150 FM transmitter v3.12 allows attackers to enumerate user accounts based on server responses when credentials are submitted.

**Discoverer: Eslam Kamal (Strik3r)**

**Vendor of Product: Elenos**

**Affected Product: Elenos ETG150 FM transmitter - 3.12**

### <mark style="color:yellow;">Details</mark>

Find full details here:

### [<mark style="color:yellow;">POC</mark>](https://github.com/strik3r0x1/Vulns/blob/main/User%20enumeration%20-%20Elenos.md)
