TECH FCC Bans Foreign-Made Routers as a 'National Security Risk'

SmithJ

SmithJ

Veteran Member

Seems like a big deal.... No router = no internet.​



www.cnet.com

FCC Bans Foreign-Made Routers as a 'National Security Risk'

The ban applies to the sale of new routers manufactured outside the US, but anyone with existing foreign-made routers can continue to use them.
www.cnet.com www.cnet.com

FCC Bans Foreign-Made Routers as a 'National Security Risk'​


Summarize

The ban applies to the sale of new routers manufactured outside the US, but anyone with existing foreign-made routers can continue to use them.​

See full bioMarch 23, 2026 3:43 p.m. PT
person on laptop with hands on keyboard and wireless and lock symbol appearing above

jpkirakun/Getty Images
The Federal Communications Commission has moved to ban foreign-made Wi-Fi routers, according to a fact sheet released Monday afternoon.

The ban includes “all consumer-grade routers produced in foreign countries.” Router manufacturers can apply for an exemption, but so far, none have been granted Conditional Approval on the FCC’s website.

This is a monumental development for the US Wi-Fi router market. Nearly every router available for purchase in this country is at least partially manufactured outside the US, including TP-Link, Asus and Netgear.

According to a list of FAQs published by the FCC, a router will be considered foreign-made if “any major stage of the process through which the device is made, including manufacturing, assembly, design and development” occurs outside the US. The ban does not apply to any existing routers that the FCC previously authorized.

“I welcome this Executive Branch national security determination, and I am pleased that the FCC has now added foreign-produced routers, which were found to pose an unacceptable national security risk, to the FCC’s Covered List,” said FCC Chair Brendan Carr in a statement.

This doesn’t mean you have to replace your existing router. The FCC clarified that it doesn’t apply to previously-purchased routers, but you won’t be able to buy new routers that the FCC hadn’t already authorized before today’s ban.

TP-Link specifically has been in the US government’s crosshairs for over a year, stemming from its ties to China, with more than half a dozen US departments and agencies reportedly backing a ban at the end of 2025. But today’s FCC action goes well beyond TP-Link and will affect nearly every router company.

CNET has reached out to the FCC, Asus, D-Link, Eero, Netgear, Razer and TP-Link for comment, but representatives did not immediately respond. We will continue to update this story as we collect more information.
 
subnet

subnet

Boot
And if I remember correctly the feds were supposed to ban any gov computer from having foreign made chips in them and it quietly went away...anyone know if there is some law for domestic routers being required to have a kill switch or backdoor as others have mentioned.
Seems a bit sketch now that i think about it.
And wasn't a vpn ban floated at one point which some euros actually did?
 
Last edited:
Jez

Jez

Veteran Member
What do they mean by consumer grade? Does this include the stuff businesses use like Cisco? If so then we're talking actual Internet infrastructure. Also thinking of companies who have warehouses or large open spaces for manufacturing. Then there is consumer grade stuff like Ring door camera networks. This gets interesting real quick.
 
Repairman-Jack

Repairman-Jack

Veteran Member
Jez said:
What do they mean by consumer grade? Does this include the stuff businesses use like Cisco? If so then we're talking actual Internet infrastructure. Also thinking of companies who have warehouses or large open spaces for manufacturing. Then there is consumer grade stuff like Ring door camera networks. This gets interesting real quick.
Click to expand...
Consumer grade is generally considered "home use" ie can buy it at walmart, so not cisco.
 
Kris Gandillon

Kris Gandillon

The Other Curmudgeon
_______________
SmithJ said:
Only starlink, maybe
Click to expand...
Nope. The router that comes with Starlink is not made in the USA currently and as with most other consumer-grade routers the major issue is “chip fabrication”. Will be interesting to watch what ALL of the consumer ISP providers do to solve this problem because it is now a problem for every one of them. They all use non-made-in-the-USA gear, with all critical chips fabricated outside the USA.
 
SmithJ

SmithJ

Veteran Member
Key details regarding the recent 2026 FCC action:
  • Targeted Devices: The ban applies to new, foreign-manufactured consumer and small office/home office (SOHO) routers.
  • Impact on Cisco: Because many U.S. tech firms, including Cisco, Netgear, and Amazon, produce their equipment overseas, they are impacted by the import restrictions on new models.
 
W

WOS

Veteran Member
A snipit from an article on Zerohedge today showing the countries of origin for most of the routers used here:

FCC Bans Foreign-Made Wireless Routers<!-- --> | ZeroHedge

ZeroHedge - On a long enough timeline, the survival rate for everyone drops to zero
www.zerohedge.com www.zerohedge.com

The decision, announced today, follows a White House-convened inter-agency review that determined these devices - primarily those manufactured overseas - pose unacceptable threats to US households, critical infrastructure, and the economy.

Major brands like TP-Link (which holds a dominant share of the U.S. market), Netgear, Google Nest, Amazon Eero, Cisco, Linksys, and Asus produce most models abroad, often in China, which controls an estimated 60% of the U.S. home router market.

2026-03-23_16-05-47.jpg
 
G

gunwish

Veteran Member
I am so grateful that un-elected bureaucrat government overloads are letting us keep our existing routers that we paid for with our own funds. That is so nice of them. I mean we should all licking the boot that is stomping on our neck. It is just the right thing to do.

Just like most other government actions, they just have a knee jerk reaction. Ban an item that most of the homes and some businesses have, and is a requirement in today's world, without providing the infrastructure to offset this new rule. The truth is most routers are not made here in the US, and never have been. Love it or hate it that is the way it is. It would take years to build plants to replace these devices. Now there will be massive router shortages. Prices will go way up on used consumer grade routers and commercial grade supply will take a bigger hit. With the way the world works right now this could be a real national security issue.

Where does an un-elected government agency get the right, and the arrogance, to limit or stop CITIZENS from using their own money to buy whatever products they want. This is a bureaucrat ruling full of hot air and nothing more. The ruling is not a law. Period. If the government wanted make it illegal, under the law for CITIZENS to buy these products, then this needs to go through congress and then signed or vetoed by the president. Show me in the constitution where a government agency has the power to make law and enforce this. I thought the supreme court stopped this when they struct down the chevron ruling.

This nothing but fascism and communism. We are sliding more into it everyday. trump could stop this, but he probably won't. He likes having power and control on the federal level. Maybe ANTIFA has a point.
 
G

gunwish

Veteran Member
SmithJ

SmithJ

Veteran Member
Once again it appears that the governments kneejerk response is backwards- consumer grade routers are not the problem. If security is a concern then government and enterprise grade routers are the ones that need strengthening

if bot-nets are the concern then focusing on consumer routers is futile, the entire iot is the population there
 
S

savurselvs

Veteran Member
SmithJ said:
Key details regarding the recent 2026 FCC action:
  • Targeted Devices: The ban applies to new, foreign-manufactured consumer and small office/home office (SOHO) routers.
  • Impact on Cisco: Because many U.S. tech firms, including Cisco, Netgear, and Amazon, produce their equipment overseas, they are impacted by the import restrictions on new models.
Click to expand...
Including Ubiquiti I assume?
 
Sacajawea

Sacajawea

Has No Life - Lives on TB
Great!

Post office going to 3 day delivery; massive push to get people to pay bills, order food & other items online; bank online; manage taxes, soc security, medicae online >

Restrict which routers one can legally buy.

Do they even talk to each other in Gov't?
 
Dobbin

Dobbin

Faithful Steed
Sacajawea said:
Do they even talk to each other in Gov't?
Click to expand...
They probably do - and China is listening.

They're probably listening OUTSIDE of any individual office server.

AI gives them (and us) the ability to "process" plethora levels of information - and filter out the extraneous.

But we don't have to make it easy for them...

Dobbin
 
Wildweasel

Wildweasel

F-4 Phantoms Phorever
mistaken1 said:
Much more insidious than remote shutdown.
Click to expand...
Yeah. Like routers having a hidden function to act as control relay sites for foreign drones or spy balloons operating in their area.

Foreign country "X" sends a signal to all the routers built there and all respond with their location. Then those in the target area are activated to relay drone commands or to receive data from a spy balloon and transmit the data back home.

Reading the Barksdale drone thread and then this one made the concept pop into my head. Those drones didn't operate using normal drone frequencies. But maybe WiFi frequencies? Very insidious, indeed.
 
Last edited:
Repairman-Jack

Repairman-Jack

Veteran Member
I expect that some of the big players will apply for conditional approval, but as of right now....if you need a new router, you might want to move it up on your to buy list.

The "big" issue with consumer routers is a combination of end users and lack of support. Over 80% of users don't change the default username and password. Firmware updates are sometimes slow from the manufactures and even slower to be installed by the end user.

This leaves a large target rich environment for "hackers" and with the big swing of working from home since c19, it adds additional vulnerabilities for corporations, along with easy pickings for IOT devices and building botnets.

I wonder what Xfinity and other providers are going to do as their devices full under this ban
 
Repairman-Jack

Repairman-Jack

Veteran Member
TP-Link warns users to patch critical router auth bypass flaw

TP-Link warns users to patch critical router auth bypass flaw​

TP-Link has patched several vulnerabilities in its Archer NX router series, including a critical-severity flaw that may allow attackers to bypass authentication and upload new firmware.

Tracked as CVE-2025-15517, this security flaw affects Archer NX200, NX210, NX500, and NX600 wireless routers and stems from a missing authentication weakness that attackers can exploit without privileges.

"A missing authentication check in the HTTP server to certain cgi endpoints allows unauthenticated access intended for authenticated users," TP-Link explained earlier this week when it released security updates that address the vulnerability.

"An attacker may perform privileged HTTP actions without authentication, including firmware upload and configuration operations."

TP-Link also removed a hardcoded cryptographic key (CVE-2025-15605) in the configuration mechanism, which allowed authenticated attackers to decrypt configuration files, modify them, and re-encrypt them.

Additionally, it addressed two command injection vulnerabilities (CVE-2025-15518 and CVE-2025-15519) that enable threat actors with admin privileges to execute arbitrary commands.

The company "strongly" recommended that customers download and install the latest firmware version to block potential attacks exploiting these flaws.

"If you do not take all recommended actions, this vulnerability will remain. TP-Link cannot bear any responsibility for consequences that could have been avoided by following this advisory," it added.

In September, TP-Link was forced to rush out patches for a zero-day vulnerability impacting multiple router models after failing to release patches following a May 2024 report. The unpatched security flaw allowed attackers to intercept or manipulate unencrypted traffic, reroute DNS queries to malicious servers, and inject malicious payloads into web sessions.

CISA added two other TP-Link flaws (CVE-2023-50224 and CVE-2025-9377) to its Known Exploited Vulnerability catalog in September, which the Quad7 botnet has been exploiting to compromise vulnerable routers.

In total, the U.S. cybersecurity agency has flagged six TP-Link vulnerabilities as exploited in attacks, the oldest being a directory traversal vulnerability (CVE-2015-3035) affecting multiple Archer devices.

Texas Attorney General Paxton sued TP-Link Systems in February, accusing the company of deceptively promoting its routers as secure while allowing Chinese state-sponsored hacking groups to exploit firmware vulnerabilities and access users' devices.
 
P

privatemom

Veteran Member
Isn't it kind of late now? Why ban consumer only? To keep us peons from actually having access to any information? (real or imagined information)
 
DryCreek

DryCreek

Veteran Member
Hmmm. I probably need to look into patching the TP-Link range extenders I have.

And I see the concern of the government. With the growing extension of the IOT, malware can wreak havoc in most consumer appliances that were generally accepted to be "air gapped" in the past.
 
Repairman-Jack

Repairman-Jack

Veteran Member
privatemom said:
Isn't it kind of late now? Why ban consumer only? To keep us peons from actually having access to any information? (real or imagined information)
Click to expand...
The Consumer is the big problem (#34 in this thread).

Nothing is being pulled from the shelves, this will effect future devices, they'll either build in U.S. and apply for a conditional approval.

TP-Link has been in the crosshairs for some time, I was a little surprised to see "everyone else" tossed into the same bucket.
 
SmithJ

SmithJ

Veteran Member
  • Under the current rules, banned routers will no longer receive essential security firmware and software updates after March 1, 2027.
  • The FCC’s action has effectively frozen the entire market while router companies scramble to gain approval.
  • More specific information on which router companies will be subject to the ban is expected to become clearer within the next month or two.


www.cnet.com

I Review Routers for a Living. Don’t Buy a Router Right Now

The Federal Communications Commission bans the sale of new foreign-made routers in the US to protect national security. The ironic side effect: It could stop your current router from receiving vital security updates.
www.cnet.com www.cnet.com

I Review Routers for a Living. Don’t Buy a Router Right Now​

The Federal Communications Commission bans the sale of new foreign-made routers in the US to protect national security. The ironic side effect: It could stop your current router from receiving vital security updates.​

See full bioMarch 25, 2026 9:41 p.m. PT

Key takeaways:​

  • The FCC has banned the sale of new foreign-made routers in the US, and this sweeping order applies to virtually every Wi-Fi router currently available in the US market.
  • My expert advice is to hold off on purchasing a new router if you can.
  • Under the current rules, banned routers will no longer receive essential security firmware and software updates after March 1, 2027.
  • The FCC’s action has effectively frozen the entire market while router companies scramble to gain approval.
  • More specific information on which router companies will be subject to the ban is expected to become clearer within the next month or two.
In my eight years of writing and reviewing broadband and routers, I’ve rarely seen news that I would describe as unprecedented. The FCC’s recent decision to ban foreign-made routers is absolutely unprecedented.

The sweeping order applies to any router in which any stage of “manufacturing, assembly, design and development” occurs outside the US -- in other words, just about any router you can buy right now. The FCC order says that foreign-made routers pose "unacceptable risks" to national security.

The ban doesn’t apply to routers that were already authorized by the FCC -- that is, every router that’s currently for sale in the US -- and will only impact new models that haven’t been approved yet. That means every router that was available before the order is still available today, and router companies can still restock them using their existing manufacturing processes.

Essentially, the FCC is freezing the entire router market. As William Budington, a technologist for the digital rights nonprofit Electronic Frontier Foundation, put it to me, “This is using an extremely blunt instrument.”

Where previous FCC bans have been limited to specific companies, such as last year’s push to ban TP-Link routers, this one affects an entire industry. So where does that leave someone who needs a new Wi-Fi router? Should you buy a model you’ve had your eye on in case it sells out? Or is it better to wait and see which companies the FCC considers foreign-made?

I know what I would do, but I gut-checked my advice with some industry experts. Turns out, we agree.

My advice: Hold off on buying a new router for now​

When I first saw the FCC’s announcement, I couldn’t stop thinking about how much chaos this would introduce to the US router market. As I tried to tease out which manufacturers would count as “foreign-made,” it quickly became clear how deeply international the supply chains for routers are.

Understanding the scope of the ban​

Take Netgear. While it’s a US-founded and headquartered company, it manufacturers routers in Vietnam, Thailand, Indonesia and Taiwan. With the exception of Starlink -- the company says its newer routers are made entirely in Texas, according to the BBC -- I couldn’t find a single router brand that’s homegrown.

I don’t have any issues recommending routers that were manufactured abroad. After all, they’d already gone through the FCC’s authorization process, and I haven’t seen convincing evidence that any one router brand has more hardware vulnerabilities than another.

Thomas Pace, CEO of cybersecurity firm NetRise, told me last year during an interview about the potential TP-Link ban: "We've analyzed an astonishing amount of TP-Link firmware. We find stuff, but we find stuff in everything.”

I just finished testing, reviewing and rating over 30 routers, and after years of resistance, I finally concluded that Wi-Fi 7 routers are worth the money for the speeds you get. While I stand by my recommendations, with this ban in place, the router you buy today may not be any good in a year.

The future-looking security risk​

Then I saw the FCC’s Public Notice on the ban, which specifies that manufacturers can continue providing software and firmware updates “at least until March 1, 2027.” That means if you own a foreign-made router -- if you own any router, in other words -- it won’t be able to get security patches after that deadline.

That’s why I think the wise move here is to wait on buying one if you can. Keeping your router’s firmware up-to-date is an essential part of securing your home network. If you buy from a router company that doesn’t get an exemption from this ban, you risk having an unsecured device a year from now.

It’s an ironic side effect of an order that is ostensibly designed to keep Americans safer: They may no longer be able to get the latest security fixes.

“If you're limiting the ability of people to get security updates, then you’re making the problem worse, not better,” Alan Butler, senior counsel at the Electronic Privacy Information Center, told me. “A lot of those routers are going to turn into pumpkins in a year unless they extend this waiver.”

By saying you can update your firmware “at least until March 1, 2027,” the FCC does leave some wiggle room for an extension. But until we know more about which companies the FCC considers foreign-made and which will be exempt, I wouldn’t feel comfortable recommending spending money on a new router right now.

Advice for immediate router needs​

If your old router stopped working, I’m not going to tell you to wait for clarity from the FCC to get back on Wi-Fi -- the timeline for concern is more in years than months. A good compromise might be to buy an older budget router rather than the latest Wi-Fi 7 model you’ve had your eye on. But if you can afford to wait a month or two, it’s worth exercising some caution.

“I do think this is going to become a mess very quickly,” Butler said.

This is the messiest point in the process we’re likely to see. As the dust settles in the coming weeks, we’ll likely have better information on which routers will still be safe to use a year from now.
 
You must log in or register to reply here.
Top