=== What is the potential impact?


When user-supplied values are used to manipulate environment variables,
an attacker can supply carefully chosen values that cause the system to behave unexpectedly. +
In some cases, the attacker can use this capability to execute arbitrary code on the server.

Below are some real-world scenarios that illustrate some impacts of an attacker
exploiting the vulnerability.

==== Application-specific attacks

In this scenario, the attacker manages to inject an environment variable
that is recognized and used by the remote system. For example, this could
be the secret of a particular cloud provider used in an environment variable, or `PATH`.

Depending on the application, the attacker can read or modify important
data or perform unwanted actions. +
For example, injecting data into the `HTTP_PROXY` variable could lead to data leakage.

==== Application compromise

In the worst case, an attacker manages to inject an important environment
variable such as `LD_PRELOAD` and execute code by overriding trusted code.

Depending on the attacker, code execution can be used with different
intentions:

* Download the internal server's data, most likely to sell it.
* Modify data, install malware, and for instance, malware that mines cryptocurrencies.
* Stop services or exhaust resources, for instance, with fork bombs.

This threat is particularly insidious if the attacked organization does not
maintain a Disaster Recovery Plan (DRP).