
Netcrook


WIKICROOK

CGI

A web-server mechanism that runs programs to handle requests, often used in device management interfaces.

CGI, or Common Gateway Interface, is a web-server mechanism that starts an external program to process an HTTP request and return a response. Instead of serving a static file, the server passes request data to a script or binary, which can generate pages, apply configuration changes, or run device-management actions. In embedded systems and admin portals, CGI is often the bridge between a browser and privileged firmware functions.

That makes CGI a security-sensitive boundary. If the handler trusts user input too much, attackers can abuse parameters to trigger command injection, authentication flaws, or memory corruption. In real attacks, probes often target CGI endpoints such as /cgi-bin/ paths, especially on routers, switches, and cameras. Defenders reduce risk by limiting exposure of management interfaces, validating all inputs, removing unused CGI programs, and patching firmware quickly when a flaw is found.
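A sketch of that boundary from the handler's side, as an added example rather than code from any particular device: the server passes the request in the standard CGI environment variables (REQUEST_METHOD, QUERY_STRING), and the program validates the one parameter it accepts before starting a diagnostic without a shell. The `host` parameter name, the ping action and the `/bin/ping` path are assumptions made for illustration.

```python
import ipaddress
import os
import subprocess
from urllib.parse import parse_qs

PING = "/bin/ping"  # assumed location of the diagnostic tool


def parse_target(query_string):
    """Return a validated IP address string, or None if the input is rejected."""
    try:
        values = parse_qs(query_string, max_num_fields=8).get("host", [])
        if len(values) != 1:
            return None  # parameter missing or supplied more than once
        # Only a literal IPv4/IPv6 address passes; anything else raises ValueError.
        return str(ipaddress.ip_address(values[0]))
    except ValueError:
        return None


def build_command(target):
    """Argument vector for the diagnostic; the value is never parsed by a shell."""
    return [PING, "-c", "1", target]


def handle(environ):
    """Process one CGI request and return the complete response text."""
    plain = "Content-Type: text/plain\r\n\r\n"
    if environ.get("REQUEST_METHOD") != "GET":
        return "Status: 405 Method Not Allowed\r\n" + plain + "GET only\n"
    target = parse_target(environ.get("QUERY_STRING", ""))
    if target is None:
        return "Status: 400 Bad Request\r\n" + plain + "invalid host\n"
    try:
        result = subprocess.run(build_command(target), capture_output=True,
                                text=True, timeout=5, check=False)
        body = result.stdout
    except (OSError, subprocess.TimeoutExpired):
        body = "diagnostic unavailable\n"
    return plain + body


if __name__ == "__main__":
    # The web server sets these variables before it starts the program.
    print(handle(os.environ), end="")
```

Rejecting everything that is not a literal address, and passing the result as a list element instead of a command string, keeps request data from ever being interpreted as shell syntax.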
