Breaking - FCC foreign router ban in effect

Is your home router
a security risk?

Enter your router model or ISP name and get a free instant safety analysis and a live threat detection scan of your network.

close
🔍 How to find your router model
  1. Check the label on the bottom or back of your router - the model name is usually printed there
  2. Check the box it came in - the model number is on the front or side panel
  3. If your ISP sent it to you, just search your ISP name (Xfinity, AT&T, Verizon, Spectrum, Cox)
  4. Go to 192.168.1.1 in your browser while on Wi-Fi - you'll see the router model on the login page
Or tap a brand to browse models
Data from NIST NVD & CISA
FCC Equipment Authorization DB
Free · No signup required
routers tracked
How it works
Free, instant, no signup needed
Router lookup
Check Your Router
● TP-Link ● Huawei ● Xfinity ● Eero ● Asus
or tap a brand to browse all models
Step 1
Enter your router
Type your model name, brand, or ISP - or tap a quick-select button. Works for standalone routers, mesh systems, and ISP-provided gateways alike.
  • Model name, brand name, or ISP all work
  • Quick-select chips for the most common brands
  • Takes under 5 seconds from landing to result
Live database scan
Scanning…
FCC Equipment Authorization
⚠ Under federal review
NIST NVD Vulnerability DB
⚠ 4 CVEs found
CISA Known Exploits
✗ Critical advisory
Ownership & Jurisdiction
✗ Chinese-owned
Active Patch Status
✓ Updates active
5 sources checked · Results compiled in <1s
Step 2
We cross-check 5 databases
Your router is instantly matched against every data source that matters for security - not just one feed, but all of them together.
  • FCC Covered List & Equipment Authorization DB
  • NIST National Vulnerability Database (NVD)
  • CISA Known Exploited Vulnerabilities
  • Manufacturer ownership & legal jurisdiction
  • Active patch & firmware support status
Archer AX21
TP-Link · Made in China
F
FBI & CISA documented this model as an active attack vector used in the Volt Typhoon campaign against US infrastructure.
CVE-2023-1389 · CVSS 9.8 · Remote code execution
Active federal DOJ/FCC investigation
Chinese National Intelligence Law exposure
Your action plan
Replace this router - prioritize networks with sensitive data
Update firmware now while you plan the switch
Disable remote management in router settings
Step 3
Get your router's full risk breakdown, explained
No security jargon. Every finding explained in plain language - what it means, why it matters, and exactly what you should do about it.
  • A–F letter grade with a clear risk verdict
  • Every CVE explained in one sentence, not a reference number
  • Numbered action steps ordered by priority
  • Unique URL to bookmark or share with family
Live network check
LIVE
Probing DNS via Cloudflare DoH CLEAN
Google DoH cross-check · IPs match MATCH
WAN admin interface · Not reachable SECURE
Public IP identified · 98.207.x.x OK
No active threats detected
DNS intact · Admin panel not exposed · ~4s
Bonus
Run a live scan of your actual network
Beyond the static report - this runs real probes against your live connection to catch active threats that model data alone can't reveal.
  • Detects DNS hijacking in real time
  • Tests if your admin panel is exposed to the internet
  • Runs entirely in your browser - nothing stored
  • Takes about 5 seconds, any time you want
What's happening & why it matters
The story behind your router's risk
FCC Equipment Authorization DB
Manufacturer TP-Link Technologies Co.
Origin Shenzhen, China
Auth. Status Authorized BLOCKED
Effective March 23, 2026
BANNED
New authorizations blocked - all Chinese-origin brands
FCC Alert · March 23, 2026

The FCC banned new foreign-made routers

Any router manufactured in China, Russia, or Iran can no longer receive FCC authorization. Existing models stay legal - but no new ones get in. This includes TP-Link, Huawei, Tenda, and others.

Read the full story →
Threat Intelligence Feed
● VOLT TYPHOON FBI botnet · Jan 2024
● FLAX TYPHOON 260,000 devices hijacked
● SALT TYPHOON US telecom infiltration
Primary vector Home routers
Most exploited TP-Link Archer series
Sources: FBI, NSA, CISA joint advisory AA23-144A
Threat Intel · FBI documented

Three state hacking campaigns used home routers as attack tools

Volt Typhoon, Flax Typhoon, and Salt Typhoon are real, FBI-documented operations. All three exploited vulnerabilities in home routers - especially TP-Link - to infiltrate US military, telecom, and infrastructure networks.

Read the full story →
Risk Factor Analysis
Chinese ownership
State jurisdiction · supply chain exposure
End-of-life firmware (any brand)
Unpatched CVEs · no future fixes
Clean record + active patches
Lowest risk - still keep firmware current
We score origin AND device age - both matter independently
Context · How we score

Chinese-owned brands are risky - but old routers from any brand are too

A TP-Link router is a risk because of its ownership. But any router - from any country - is also a risk if it's end-of-life with no more security patches. We score both factors independently. Check yours above.

Deep Dives
The full story behind the risk
Research, policy analysis, and plain-English explainers - everything you need to act with confidence.
FCC router ban policy document
FCC Policy
The 2026 FCC Router Ban: What's Banned, What Isn't, and What to Do
New rules bar foreign-made routers from FCC authorization. What the Covered List means and which routers are actually affected.
Read →
Volt Typhoon cyber attack visualization
Threat Intel
Volt, Flax & Salt Typhoon: How China's State Hackers Targeted Home Routers
Three Chinese state-sponsored campaigns turned home routers into attack infrastructure for US critical systems.
Read →
Premium WiFi router product photo
Buyer's Guide
Should You Replace Your Router in 2026? A Security Decision Guide
An honest framework for deciding who needs to act now, who can wait, and what to look for in a secure replacement.
Read →
Security scoring methodology dashboard
Transparency
Our Scoring Methodology - Fully Open
Every data source, scoring factor, and risk weighting we use - published in full with no manufacturer affiliation.
Read →
From the community
What creators are saying about the FCC router ban
Tech creators and network experts react to the FCC ban on foreign-made routers.
NetWork From Home - FCC Router Ban Explained: Should You Replace Yours?
NetWork From Home
FCC Router Ban Explained: Should You Replace Yours?
tabGeeks - Everything We Know About the FCC Router Ban on Foreign Routers
tabGeeks
Everything We Know About the FCC Router Ban on Foreign Routers
NASCompares - FCC OFF! No More Routers for the U.S!
NASCompares
FCC OFF! No More Routers for the U.S!
Lon.TV - US Bans Most Routers?
Lon.TV
US Bans Most Routers?
InsideWire - The US just banned all new WiFi routers
InsideWire
The US just banned all new WiFi routers | Here's what it means for UniFi
Olive Badger - The Government Just Banned Certain Routers...
Olive Badger
The Government Just Banned Certain Routers... Here's What's Happening
Common questions
Frequently asked questions
Everything you need to know about the FCC router ban, security grades, and what to do next.
The FCC has proposed prohibiting new equipment authorizations for routers and networking gear manufactured by companies on the Covered List - primarily Chinese-owned manufacturers like TP-Link, Huawei, and ZTE. The policy is rooted in the Secure and Trusted Communications Networks Act, which restricts federal funds for equipment deemed a national security risk. New models from covered companies cannot receive FCC authorization to be sold in the United States.
Not necessarily right now. The ban affects new device authorizations, not routers already in use in your home. However, high-risk routers (D or F grade) are worth replacing soon - especially if they're no longer receiving firmware updates or were manufactured by Chinese-owned companies. A compromised router is a persistent backdoor into your entire home network.
TP-Link Technologies Co. Ltd. is headquartered in Shenzhen, China and is legally subject to Chinese national intelligence laws that can compel cooperation with state intelligence services. Multiple U.S. federal agencies - the FBI, NSA, and CISA - have documented TP-Link devices as attack vectors actively exploited by Chinese state hackers (the Volt Typhoon campaign). New TP-Link models are under FCC authorization review. All TP-Link models in our database score F.
Each router is scored on three algorithmic factors: corporate ownership & jurisdiction (0–35 pts), supply chain & FCC status (0–40 pts), and active software support (0–25 pts). Those three components make up the Ban Risk Score. A final composite grade is then weighted 70% ban risk / 30% security capabilities. No grades are manually assigned - every score is computed from the same formula. See the full methodology for the complete breakdown.
It depends on the model. ISP gateways from major U.S. carriers are owned by US entities, which is a positive signal - but many are still manufactured in China under contract. AT&T's BGW320 (made by Humax in South Korea) scores B. Older ISP gateways like the AT&T NVG589 or Verizon G1100 score F due to China manufacturing, aging hardware, and end-of-life support status. Check your specific model using the search bar above.
Your router sits between every device in your home and the internet - it sees all traffic and controls all connections. A compromised router means an attacker can intercept passwords and financial data, redirect you to fake websites even if you typed the right address, and silently monitor every device on your network. Unlike a hacked laptop, a hacked router is invisible: your devices appear normal while all traffic passes through an attacker's hands. The FBI and CISA have issued repeated public warnings about router-based attacks targeting home networks. In 2024 alone, botnets built from compromised home routers were used in attacks on critical US infrastructure. Most people never update their router firmware - making it the easiest entry point in the home.
B and C grades indicate moderate risk. These routers are generally safe for everyday home use but have specific limitations - for example, hardware manufactured in China, limited advanced security features, or support lifecycles that may not extend far into the future. You don't need to replace immediately, but you should keep firmware updated, use a strong admin password, and check for an end-of-support date. B-grade examples include most ASUS, Netgear Nighthawk, and Firewalla models.
When a router reaches end-of-life (EOL), the manufacturer permanently stops releasing firmware and security patches. Any newly discovered vulnerabilities - and new ones are found regularly - will remain permanently unpatched. Attackers actively scan for and target EOL devices because they're known to be exploitable. An EOL router is effectively a frozen, undefended device sitting at the perimeter of your entire network.
Plan to replace it. In the meantime: (1) Apply any available firmware updates immediately. (2) Change default admin credentials to a strong, unique password. (3) Disable remote management if it's enabled. (4) Consider placing a more secure router behind your ISP gateway to create a security layer. For a permanent fix, the only A-grade replacement currently available is Rio Router. B-grade alternatives include ASUS AX-series and Netgear Nighthawk AX models.

Device VPN (NordVPN, ExpressVPN, etc.): partial protection only. A VPN app on your laptop or phone encrypts traffic between that device and the VPN exit node. But it does not protect your local network from router-level exploitation. If your router has an unpatched vulnerability or a firmware-level backdoor, a VPN on your laptop won't prevent an attacker from monitoring DNS queries, redirecting traffic, or compromising other devices on your network - your smart TV, thermostat, and phone are still exposed. VPNs are a useful layer, but they don't fix a compromised router.

Router-level VPN: a fundamentally different class of protection. A router with a built-in VPN encrypts all traffic leaving your network - before it even touches your ISP. Every device on your network is automatically protected: your laptop, phone, TV, IoT devices, everything. There's no app to install, no device to remember, and no gaps. The encryption happens at the network boundary, not on individual devices.

Some of the highest-rated routers in our database have this built in:

  • Rio Router - always-on VPN with no subscription required; every device on the network is protected by default
  • Firewalla Gold - WireGuard and OpenVPN server built in; also functions as a secure VPN gateway for remote access

If you're relying on a device VPN to compensate for a router with a D or F grade, it's not enough. The right fix is the router itself.

Yes. Rio makes what we believe is the safest consumer router available in the US - and we built this tool to make that security data public for everyone, not just Rio customers. Our router is in the database, graded by the same algorithm as every other model. We score A. We'd tell you if we didn't. See the full methodology →
A free public tool made with 🦾 by Rio