CVE-2025-3981: Improper Authorization in wowjoy 浙江湖州华卓信息科技有限公司 Internet Doctor Workstation System
A vulnerability, which was classified as problematic, has been found in wowjoy 浙江湖州华卓信息科技有限公司 Internet Doctor Workstation System 1.0. This issue affects some unknown processing of the file /v1/prescription/details/. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
AI Analysis
Technical Summary
CVE-2025-3981 is a medium-severity vulnerability identified in version 1.0 of the Internet Doctor Workstation System developed by wowjoy 浙江湖州华卓信息科技有限公司. The vulnerability arises from improper authorization handling in the processing of the API endpoint /v1/prescription/details/. Specifically, the system fails to correctly enforce authorization controls, allowing an attacker to remotely access or manipulate prescription details without the necessary privileges. The vulnerability does not require user interaction or prior authentication, and can be exploited over the network with low attack complexity. The CVSS 4.0 base score is 5.3, reflecting a moderate impact primarily on confidentiality due to limited data exposure, with no direct impact on integrity or availability. The vendor was notified early but has not responded or provided a patch, and while no known exploits are currently observed in the wild, public disclosure of the exploit code increases the risk of exploitation. The vulnerability affects only version 1.0 of the product, and the scope is limited to the affected API endpoint, which is likely used in clinical or telemedicine workflows to access prescription data. Given the nature of the product, unauthorized access to prescription details could lead to privacy violations, potential misuse of medical prescriptions, and erosion of patient trust in telehealth services.
Potential Impact
For European organizations, particularly healthcare providers and telemedicine platforms using the Internet Doctor Workstation System or integrated solutions involving this product, the vulnerability poses a risk to patient data confidentiality. Unauthorized access to prescription details could lead to exposure of sensitive health information, violating GDPR and other data protection regulations, potentially resulting in legal penalties and reputational damage. Additionally, manipulation or unauthorized viewing of prescriptions could facilitate fraudulent prescription fulfillment or medication misuse, impacting patient safety. The impact is exacerbated in healthcare environments with interconnected systems, where compromised prescription data could be leveraged for broader attacks or social engineering. Although the vulnerability does not directly affect system availability or integrity, the confidentiality breach alone is significant in the healthcare context. European healthcare organizations relying on this software or its derivatives should consider the risk of regulatory non-compliance and patient harm. The lack of vendor response and patch availability increases the urgency for mitigation.
Mitigation Recommendations
1. Immediate mitigation should include network-level access controls restricting access to the Internet Doctor Workstation System's API endpoints, especially /v1/prescription/details/, to trusted internal networks or VPNs only.
2. Implement application-layer authorization checks as a compensating control if possible, such as reverse proxies or API gateways enforcing strict access policies.
3. Conduct thorough audits of user access logs and prescription data access patterns to detect any unauthorized access attempts.
4. Segregate the vulnerable system from other critical healthcare infrastructure to limit lateral movement in case of exploitation.
5. Where feasible, replace or upgrade the affected system with alternative telemedicine solutions that have active vendor support and security maintenance.
6. Educate healthcare staff on the risks of unauthorized data access and enforce strict credential management to prevent indirect exploitation.
7. Monitor cybersecurity threat intelligence feeds for any emerging exploits targeting this vulnerability and prepare incident response plans accordingly.
8. Engage with regional healthcare cybersecurity authorities to report the vulnerability and seek guidance on compliance and remediation best practices.
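One way to carry out the access-log audit in recommendation 3, checked against the trusted-network boundary from recommendation 1. This is an added example, not code from the vendor or the advisory; the Common/Combined Log Format, the trusted CIDR range, the threshold and the record ids in the sample paths are all assumptions.

```python
import ipaddress
import re
from collections import defaultdict

ENDPOINT = "/v1/prescription/details/"             # path named in the advisory
TRUSTED = [ipaddress.ip_network("10.20.0.0/16")]   # assumption: clinic LAN/VPN range
MAX_DISTINCT = 3                                   # assumption: distinct URLs per client

# Assumed format: Common/Combined Log Format (reverse proxy or web server access log).
LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) ')

def audit(lines):
    """Flag successful reads of the prescription endpoint that need review."""
    outside, seen = [], defaultdict(set)
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        ip, ts, _method, url, status = m.groups()
        path = url.split("?", 1)[0]
        # Only 2xx responses returned data; denied requests are not exposure.
        if not path.startswith(ENDPOINT) or not status.startswith("2"):
            continue
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:
            continue
        seen[ip].add(url)
        if not any(addr in net for net in TRUSTED):
            outside.append((ip, ts, url))
    # Clients that pulled many different records, wherever they sit.
    bulk = {ip: len(u) for ip, u in seen.items() if len(u) > MAX_DISTINCT}
    return {"outside_trusted": outside, "bulk_readers": bulk}

# Constructed sample lines: documentation IP ranges, made-up record ids.
SAMPLE = (
    ['10.20.4.17 - - [21/May/2025:09:01:12 +0000] '
     '"GET /v1/prescription/details/1001 HTTP/1.1" 200 812']
    + ['203.0.113.45 - - [21/May/2025:09:02:%02d +0000] '
       '"GET /v1/prescription/details/%d HTTP/1.1" 200 790' % (i, 2000 + i)
       for i in range(5)]
    + ['198.51.100.7 - - [21/May/2025:09:03:00 +0000] '
       '"GET /v1/prescription/details/1001 HTTP/1.1" 403 120',
       '203.0.113.45 - - [21/May/2025:09:04:00 +0000] '
       '"GET /v1/health HTTP/1.1" 200 15']
)

if __name__ == "__main__":
    for finding, value in audit(SAMPLE).items():
        print(finding, value)
```

Findings are review leads, not proof of misuse: a legitimate integration may also read many records, so compare flagged clients against known service accounts before escalating.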
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Belgium, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: VulDB
- Date Reserved: 2025-04-26T07:52:54.551Z
- CISA Enriched: true
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 682d983ec4522896dcbef9f0
Added to database: 5/21/2025, 9:09:18 AM
Last enriched: 6/24/2025, 5:52:06 PM
Last updated: 7/25/2025, 10:42:31 PM
Related Threats
- CVE-2025-1500: CWE-434 Unrestricted Upload of File with Dangerous Type in IBM Maximo Application Suite (Medium)
- CVE-2025-1403: CWE-502 Deserialization of Untrusted Data in IBM Qiskit SDK (High)
- CVE-2025-0161: CWE-94 Improper Control of Generation of Code ('Code Injection') in IBM Security Verify Access (High)
- CVE-2025-8866: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor in YugabyteDB Inc YugabyteDB Anywhere (Medium)
- CVE-2025-45146: n/a (Critical)