Hmm. My understanding is that  the kernel rather than the shell launches the program, not the interpreter, but the #! line then tells the kernel to launch the interpreter and pass the script to it. Whether a web server would call the kernel function directly or use bash to do so, I don't know. However, it would be very bad practice for a security-conscious application to pass anything derived from outside to the system directly as an environment variable, and I find it hard to believe that would be how it works. However, environment variables are created for the script to receive, and as I now understand it that is the problem, if the script is written in bash as the interpreter to be invoked, and the script therefore uses bash to process its instructions and data.
How many  SSI or CGI scripts were written in bash I don't know. I've never done it, always preferring perl, which I found easier to understand (bash has a unique syntax I've always struggled to grasp, so I prefer C-like languages such as perl, javascript or php), but I suppose some might use bash.

Quote from: krumike

Despite being glad my plusnet router is not vulnerable, given the global news coverage of this extraordinary vulnerability I am shocked that this is not offered a fuller explanation and given more prominence in an easier to find location. Surely Plusnet customers deserve to know that they are safe from this vulnerability.

But it doesn't affect PN provided equipment? How many of the other vulnerabilities in products they don't provide would you like them to comment on?!
I'm so swamped in vague PR messages about it anyway the last thing I need is another one.