IKEA Dirigera v2.866.4 Allows Private Key Exfiltration

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.5

IKEA Dirigera v2.866.4 Allows Private Key Exfiltration

CVE-2026-3588

Summary

A security issue in IKEA Dirigera v2.866.4 allows an attacker to steal private keys by sending a fake request to the system. This could lead to unauthorized access to sensitive information. Update to the latest version of IKEA Dirigera to fix the issue.

Original title

A server-side request forgery (SSRF) vulnerability in IKEA Dirigera v2.866.4 allows an attacker to exfiltrate private keys by sending a crafted request.

Original description

A server-side request forgery (SSRF) vulnerability in IKEA Dirigera v2.866.4 allows an attacker to exfiltrate private keys by sending a crafted request.

nvd CVSS3.1 7.5

Vulnerability type

CWE-918 Server-Side Request Forgery (SSRF)

https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2026-3588

Published: 9 Mar 2026 · Updated: 13 Mar 2026 · First seen: 9 Mar 2026