CVE-2014-9415

Huawei eSpace Desktop <V100R001C03 - DoS

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-9415. PoCs published by LiquidWorm.

AI-analyzed exploit summary This exploit demonstrates a stack-based buffer overflow with SEH overwrite in Huawei eSpace Meeting's cenwpoll.dll via a maliciously crafted QES file. It includes a PoC generator and options to trigger the vulnerability with or without a debugger.

Description

Huawei eSpace Desktop before V100R001C03 allows local users to cause a denial of service (program exit) via a crafted QES file.

Exploits (1)

exploitdb WORKING POC

by LiquidWorm · pythondoswindows

https://www.exploit-db.com/exploits/46865

View Code ZIP pw:eip

This exploit demonstrates a stack-based buffer overflow with SEH overwrite in Huawei eSpace Meeting's cenwpoll.dll via a maliciously crafted QES file. It includes a PoC generator and options to trigger the vulnerability with or without a debugger.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Huawei eSpace Meeting 1.1.11.103 (cenwpoll.dll 1.0.8.8)

No auth needed

Prerequisites: Huawei eSpace Meeting installed · Ability to deliver a malicious QES file to the target

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Patch, Vendor Advisory x_refsource_confirm

http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-406589.htm

Exploit, Third Party Advisory x_refsource_misc

http://packetstormsecurity.com/files/152965/Huawei-eSpace-1.1.11.103-Unicode-Stack-Buffer-Overflow.html

Scores

EPSS 0.0057

EPSS Percentile 42.4%

Details

CWE

CWE-20

Status published

Products (1)

huawei/espace_desktop < v100r001c03

Published Dec 24, 2014

Tracked Since Feb 18, 2026