THREATOPS
THREAT OPSThreat News › Anthropic Filesystem MCP Server: Directory Access Bypass via Improper Path Validation

Anthropic Filesystem MCP Server: Directory Access Bypass via Improper Path Validation

infoembracetheredPublished 2025-08-03

<a id="top_ref"></a>

<p>A few months ago I was looking at the <a href="https://github.com/modelcontextprotocol/servers/blob/main/src/filesystem/README.md">filesystem MCP server</a> from Anthropic.</p> <p>The server allows to give an AI, like Claude Desktop, access to the local filesystem to read files or edit them and so forth.</p> <p>I was curious about access control and in the documentation th

Original source: https://embracethered.com/blog/posts/2025/anthropic-filesystem-mcp-server-bypass/