fast-filesystem-mcp Path Traversal Vulnerability Allowing Access to Restricted Files via Symlink Manipulation

A critical path traversal vulnerability has been identified in fast-filesystem-mcp version 3.4.0. This vulnerability allows attackers to bypass directory access restrictions by exploiting improper path validation in the file operation tools, including 'fast_read_file'. The issue arises because the validation process fails to accurately resolve symbolic links to their physical targets, enabling access to unauthorized files.

Impact

Exploitation of this vulnerability allows for unauthorized access to files outside of the designated allowed directories, by manipulating symbolic links to bypass access restrictions.

Reproduction

To reproduce this vulnerability, create a symbolic link in an allowed directory that points to a restricted system path. Then, use a valid path reference to access the symlinked file through a vulnerable fast-filesystem-mcp server. The path validation will incorrectly allow the access, demonstrating the traversal vulnerability.

Remediation

The vulnerability can be addressed by updating to fast-filesystem-mcp version 3.5.0, which includes a fix for the symlink resolution issue. Users can follow the update instructions provided in the 'New Version Update' section of the repository.