THREAT OPS › Threat News › Anthropic Filesystem MCP Server: Directory Access Bypass via Improper Path Validation
Anthropic Filesystem MCP Server: Directory Access Bypass via Improper Path Validation
<a id="top_ref"></a>
<p>A few months ago I was looking at the <a href="https://github.com/modelcontextprotocol/servers/blob/main/src/filesystem/README.md">filesystem MCP server</a> from Anthropic.</p> <p>The server allows to give an AI, like Claude Desktop, access to the local filesystem to read files or edit them and so forth.</p> <p>I was curious about access control and in the documentation th