diff --git a/exposures/configs/cgi-printenv.yaml b/exposures/configs/cgi-printenv.yaml
new file mode 100644
index 0000000000..63731f5647
--- /dev/null
+++ b/exposures/configs/cgi-printenv.yaml
@@ -0,0 +1,29 @@
+id: cgi-printenv
+
+info:
+  author: emadshanab
+  name: CGI script environment variable
+  severity: medium
+  description: A test CGI (Common Gateway Interface) script was found on this server. The response page returned by this CGI script is leaking a list of server environment variables.
+  reference: https://www.acunetix.com/vulnerabilities/web/test-cgi-script-leaking-environment-variables/
+  tags: exposure,generic,cgi
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/cgi-bin/printenv.pl"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'MYSQL_HOME'
+          - 'OPENSSL_CONF'
+          - 'REMOTE_ADDR'
+          - 'SERVER_ADMIN'
+          - 'Environment Variables:'
+        condition: or
+
+      - type: status
+        status:
+          - 200
\ No newline at end of file