PT-2026-24081 · Ikea · Ikea Dirigera
Luca Borzacchiello
·
Published
2026-03-09
·
Updated
2026-05-06
·
CVE-2026-3588
CVSS v3.1
7.5
High
| Vector | AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
IKEA Dirigera version 2.866.4
Description
A server-side request forgery (SSRF) condition exists in IKEA Dirigera version 2.866.4. This issue allows an attacker to potentially obtain private keys by sending a specially crafted request. The vulnerability involves the ability to make requests to unintended locations, potentially exposing sensitive information.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
SSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ikea Dirigera