web3.py versions >=6.0.0b3 and <7.15.0, and >=8.0.0b1 and <8.0.0b2 implement CCIP Read / OffchainLookup (EIP-3668) by making HTTP requests to URLs specified by smart contracts in offchain_lookup_payload["urls"] without validating these URLs. Since CCIP Read is enabled by default, any backend service using web3.py's .call() method with untrusted contract addresses is vulnerable to SSRF. A malicious contract can cause the web3.py process to send HTTP requests to arbitrary destinations, including internal networks and cloud metadata endpoints. This vulnerability is resolved in versions 7.15.0 and 8.0.0b2.

An attacker controlling a malicious smart contract can exploit this vulnerability to cause backend services using vulnerable versions of web3.py to make arbitrary HTTP requests. This can lead to unauthorized access to internal network resources or cloud metadata services. However, the overall impact is rated low based on the CVSS 4.0 score of 1.7, reflecting limited attack complexity and impact scope.

Upgrade web3.py to version 7.15.0 or later, or 8.0.0b2 or later, where this SSRF vulnerability is fixed. Until upgraded, avoid using .call() with untrusted or user-supplied contract addresses. Patch status is not explicitly stated as 'patchAvailable' but the fix is included in the specified versions, so upgrading is the recommended remediation.