Yes, this is a real CAPTCHA that I ran across.
In case it isn't obvious from the picture, or you can't read that small, the text in the CAPTCHA matches the filename, therefore making it trivial to determine what the text says. Further, I tried specifying 6 random characters for the filename and it didn't work, which leads to two possibilities:
- The CAPTCHA images are generated and saved in the root Web directory
- There are a limited number of generated CAPTCHA images
I can't easily tell which one is actually happening, but in both cases there's a serious issue. And funny, too!