In March, the Federal Communications Commission banned new consumer internet routers manufactured outside the US, citing national security concerns. The ban doesn’t affect any routers already in American homes or currently on sale in the US, but all new routers aimed at the consumer market will need to be approved.
While the headline is that foreign-made consumer routers are banned, manufacturers can apply for exemptions, and some have been approved. There’s no need to throw out your router, and you’ll still find plenty of mesh systems on the store shelves. But what does this mean for you?
Updated May 2026: We’ve added more info on software and component updates, that mobile hotspots are included in the ban, and Conditional Approval has been granted to a few companies.
Why Are Foreign-Made Routers Banned?
“Malicious actors have exploited security gaps in foreign-made routers to attack American households, disrupt networks, enable espionage, and facilitate intellectual property theft,” the FCC wrote. “Foreign-made routers were also involved in the Volt, Flax, and Salt Typhoon cyberattacks targeting vital US infrastructure.”
Foreign-made consumer routers were added to the Covered List, which details equipment and services “deemed to pose an unacceptable risk to the national security of the United States.”
Bogdan Botezatu, director of Threat Research at cybersecurity firm Bitdefender, says this ban is a step to harden the cybersecurity readiness of US households, given ongoing geopolitical tensions.
“Consumer routers sit at the edge of every home network, which makes them an attractive target and a strategic risk if compromised at scale,” he says. Asked whether he thinks the risk is real, Botezatu says yes, though there’s no easy way to prove intent. “[Internet of Things] devices, including routers, are a weak point across the internet.”
Which Routers Are Banned?
The ban only affects the sale of new Wi-Fi routers and mobile Wi-Fi or hotspot devices aimed at consumer households. The ban does not apply to existing FCC-approved routers on sale in the US or to phones with hotspot features. Previously purchased routers already in use in homes across the country are also fine and aren’t part of the ban, according to the FCC’s FAQ. These routers can continue to be sold, used, and updated with new firmware, at least until March 1, 2027.
Any new router manufactured outside the US now requires FCC approval before it can be imported, marketed, or sold in the US. This includes routers from US companies manufactured overseas, which is the vast majority of the market right now.
What Does Foreign-Made Mean?
This is decidedly murky. The ban is concerned with “consumer-grade” routers and could include any designed or manufactured outside the US or manufactured by companies that are not completely US-owned and operated. All the major players in the market, including Netgear, TP-Link, Asus, Amazon’s Eero, Google’s Nest, Synology, Linksys, and Ubiquiti, fall under the definition. As do most, if not all, of the routers supplied by internet service providers in the US.
Just like the recent federal drone ban, the router ban only applies to new routers, but manufacturers can apply for Conditional Approval from the Department of Defense and the Department of Homeland Security.
What is Conditional Approval?
There are three main elements to securing a Conditional Approval in the official guidelines:
- Corporate Structure: This must disclose the ownership, board membership, and “any foreign government ownership, control, influence, financing, or material support.”
- Manufacturing and Supply Chain Disclosure: Router manufacturers must submit detailed reports that break down where every major stage of production happens, covering manufacturing, assembly, design, and development. That means listing every component in every router or hotspot they manufacture and explaining where it comes from.
- US Manufacturing and Onshoring Plan: This must include “A detailed, time-bound plan to establish or expand manufacturing in the United States for the router for which the applicant is seeking Conditional Approval” to qualify for FCC authorization, along with details about any existing US manufacturing and quarterly status updates on progress.
Companies that receive Conditional Approval can continue to sell and update existing devices and release new routers, mesh systems, and mobile hot spots for 18 months. This includes firmware and other software updates for existing and new devices, thus superseding the firmware waiver deadline of March 1, 2027. All new devices are subject to the regular FCC approval process.
Companies With Conditional Approval
So far, only three companies have been granted Conditional Approval. Here’s the FCC list.
- Netgear, a popular US manufacturer of Orbi mesh systems and Nighthawk routers, has been granted a Conditional Approval until October 1, 2027.
- Adtran, which mostly sells to businesses, including cable and telecom companies, was also granted a Conditional Approval until October 1, 2027.
- Eero, Amazon’s mesh router brand, was granted a Conditional Approval until October 31, 2027.
Outside the guidelines, the Department of Defense, Department of Homeland Security, and FCC have not released any further information on why certain companies have been granted Conditional Approvals. None of these companies has released any detailed information on how they secured a Conditional Approval or about plans for US-based manufacturing.
The Consumer Technology Association (CTA) has appealed via this FCC filing for greater clarity and clearer guidelines. It also raised concerns about software patching and component updates.
What About Software Updates?
The FCC has published a waiver that states, “All routers authorized for use in the United States may continue to receive software and firmware updates that mitigate harm to US consumers at least until March 1, 2027.”
What happens after that date is not clear. The fear is that companies that fail to secure Conditional Approval before March 1, 2027, will not only be unable to sell new routers but also will not be able to update their existing routers.
“As this ban expands, keep in mind that routers that aren’t saleable won’t get firmware updates and security patches, and all firmware for banned companies [will] expire next year,” says Joshua Marpet, senior product security consultant at cybersecurity company Finite State. “This means that even that boring beige box ISP router will stop getting security patches next year. And that could lead to exploitable problems,”
The majority of routers compromised and used in cyberattacks are older (end-of-life) devices that no longer receive security updates.
What About Foreign-Made Components?
Due to the vagaries of international supply chains, it is very common for router manufacturers to substitute certain components in existing devices. How this fits with the router ban is unclear, but companies are clearly worried enough about it that the CTA has asked the administration to consider “additional waivers of Class I permissive change rules for changes that do not materially change the security posture of the device, for example, routine parts substitutions that do not materially affect the device’s RF characteristics.”
Well, the FCC provides some clarification in its FAQ (“covered” here means banned):
“Non-‘covered’ devices do not become ‘covered’ simply because they contain a ‘covered’ component part, unless the ‘covered’ component part is a modular transmitter under the FCC’s rules,” it says. “Therefore, a router produced in the United States is not considered ‘covered’ equipment solely because it contains one or more foreign-made components.”
Manufacturers importing components from China but assembling them in the US will presumably be OK, though it’s far from clear. “Applicants will need to be able to have sufficient evidence that the routers were not produced in a foreign country to make this certification, but there is no specific documentation or evidence required,” according to the FCC.
Netgear Has Approval
Netgear published a letter from its CEO to announce its Conditional Approval. While it is a US-founded and headquartered company, Netgear’s routers are manufactured abroad, mostly in Vietnam, Thailand, Indonesia, and Taiwan. The company has moved away from China in recent years. Netgear has been lobbying the government on “cybersecurity and strategic competition with China.”
“We commend the administration and the FCC for their action toward a safer digital future for Americans,” a Netgear spokesperson tells WIRED. “Home routers and mesh systems are critical to national security and consumer protection, and today’s decision is a step forward.”
Netgear is a publicly traded company on Nasdaq, mostly owned by institutional investors, including BlackRock and Vanguard. The company’s stock rose on news of the ban.
Will TP-Link Be Banned?
Since all of its routers are made overseas, TP-Link must apply for Conditional Approval or spin up manufacturing in the US to sell any new routers. Estimates vary, but TP-Link’s US consumer router market share is somewhere around 35 percent, with Netgear and Asus accounting for another 25 percent or so.
The US Commerce, Defense, and Justice departments have reportedly been investigating and considering a ban on TP-Link routers for more than a year over concerns about the company’s links to China. No ban has been enacted until now, but Texas attorney general Ken Paxton sued TP-Link in February, claiming the company allows the Chinese Communist Party to access American consumers’ devices. Detractors have also criticized perceived predatory pricing, claiming TP-Link flooded the US market with a wide range of affordable routers to establish dominance.
TP-Link has repeatedly denied any wrongdoing and claims it has divested from its Chinese roots and is now headquartered in the US with the bulk of manufacturing in Vietnam. TP-Link’s cofounder and CEO, Jeffrey Chao, recently applied for permanent US residency through President Trump’s Gold Card program, according to the Times of India.
“Virtually all routers are made outside the United States, including those produced by US-based companies like TP-Link, which manufactures its products in Vietnam,” a spokesperson from TP-Link tells WIRED. “It appears that the entire router industry will be impacted by the FCC’s announcement concerning new devices not previously authorized by the FCC.”
TP-Link is a privately owned company and not publicly listed on any stock exchange. Chao and his wife, Hillary, are listed as the company’s sole owners.
Will Asus Be Banned?
Asus primarily makes its routers in Taiwan, though it has production facilities in China and works with several third-party manufacturers. Recent tariff pressures led the company to branch out to Thailand, Vietnam, Indonesia, Mexico, and the Czech Republic, but the bulk of its routers still come from Taiwan or China. Asus must apply for Conditional Approval to sell new routers. The company did not respond to WIRED’s request for comment.
Asus is listed on the Taiwanese Stock Exchange and is mostly owned by public shareholders. The ban doesn’t appear to have impacted its stock price.
Are Any Routers Manufactured in the US?
The only routers I know of that are manufactured in the US are some Starlink Wi-Fi routers, which are primarily made in Texas. Starlink is part of Elon Musk’s SpaceX company, but many of the components in these routers come from East Asia.
Botezatu says what matters more than geography is the security model behind the product. Companies that invest in “long-term firmware support, vulnerability management, and built-in protection layers” offer stronger security.
How Will the Router Ban Impact Ordinary Folks?
It’s not entirely clear, but it probably won’t have a huge immediate impact. There is already a wide range of Wi-Fi 7 routers and mesh systems on the market that will continue to be sold—they enable speeds well in excess of what most people need at home. Whether companies spin up manufacturing in the US or find other ways to satisfy government agencies that their wares are not a security risk, the result is likely to be higher prices for consumers.
“This ruling has the potential to significantly disrupt the US consumer router market,” Brandon Butler, a research manager of Network Infrastructure and Services at IDC, tells WIRED. “In the near term, much will depend on how quickly conditional waivers are processed. Most vendors are likely to pursue them, but any delays could constrain supply and create upward pressure on pricing.”
If you haven’t upgraded to the latest Wi-Fi 7 standard, now might be a good time to do it. But it’s worth keeping in mind what you’re buying. Botezatu says consumers should “stick with reputable manufacturers that have a track record of issuing updates and maintaining their devices. Check that your router is still supported and running the latest firmware.”
When current stocks run low, the ban could have a serious impact on the router market in the US. Not only will spinning up US manufacturing take years and increase costs, but the ban is also likely to limit choice in the market, as smaller companies may struggle with the compliance burden, and chipset vendors and OEMs, turned off by a slowdown and unpredictability in the market, may deprioritize the US, according to a Global Electronics Association report.
Unanswered Questions
The ban does leave several unanswered questions. Why is it being applied only to consumer routers? Why are some manufacturers being granted Conditional Approvals and not others? Why are the foreign-made routers currently on sale and in our homes deemed safe? What happens when the software update waiver runs out? The FCC did not address these questions.
