Security Risk Rankings · March 2026

The 10 Most Dangerous
Router Brands of 2026

Ranked by Chinese government jurisdiction, FCC ban exposure, documented CVEs, and active security posture. Every brand on this list poses real risk to your home network.

80 routers evaluated
20 F-grade models tracked
ismyroutersafe.com

Last reviewed: March 2026 · ismyroutersafe.com

Brands 1–6 score F due to Chinese government legal jurisdiction - meaning the manufacturer can be legally compelled to cooperate with Chinese intelligence services regardless of the device's individual security features. Brands 7–10 score D or F due to end-of-life hardware, China manufacturing, or zero security capabilities. Full methodology →
1
TP-Link Technologies
TP-Link - All Models
Chinese-owned FBI / CISA flagged FCC under review 12 models tracked - all F
TP-Link Archer AX21
The single most dangerous router brand in our database. TP-Link Technologies Co. Ltd. is headquartered in Shenzhen, China and is legally subject to Chinese national intelligence laws that compel cooperation with state intelligence services. The FBI, NSA, and CISA jointly documented TP-Link devices as the primary attack vector used by the Chinese state-backed Volt Typhoon hacking group. A DOJ investigation into TP-Link is ongoing. The FCC has opened a formal review of TP-Link's authorization status - new models are now blocked. We track 12 TP-Link models; every single one scores F. This is the brand most urgently in need of replacement in your home.
FCC & Ban Risk Score
12 / 100 - F
Security Capabilities
19 / 100 - F
F
High Risk · Chinese-owned · FBI/CISA flagged · FCC authorization under review
See AX21 analysis →
2
Huawei Technologies
Huawei - All Models
Chinese state-linked Commerce Dept Entity List NOT FCC authorized 1 model tracked - F
Huawei
Huawei is the highest-risk brand in terms of state affiliation. The company is on the U.S. Commerce Department's Entity List, meaning it is considered a national security threat at the federal level. Huawei routers are not FCC authorized for sale in the United States - any unit in use is on legacy authorization or was obtained through grey-market channels. Huawei's ties to Chinese military and state intelligence are extensively documented. Devices receive no US security support. If you have a Huawei router, replace it immediately - there is no path to compliance or safety for this brand.
FCC & Ban Risk Score
12 / 100 - F
Security Capabilities
0 / 100 - F
F
High Risk · Chinese state-linked · Commerce Dept banned · No US FCC authorization
See AX3 Pro analysis →
3
Xiaomi Corporation
Xiaomi - All Models
Chinese-owned Limited US authorization State ties documented 1 model tracked - F
Xiaomi
Xiaomi is a major Chinese consumer electronics brand headquartered in Beijing with documented ties to the Chinese state. The U.S. Department of Defense previously designated Xiaomi as a Chinese military company - a designation Xiaomi challenged in court and had partially reversed, but the underlying relationships remain a concern. Xiaomi routers have limited US FCC authorization and new models are blocked from entering the US market. Minimal US-facing security support exists. Like all Chinese-owned brands, Xiaomi is subject to Chinese law requiring cooperation with intelligence services upon request.
FCC & Ban Risk Score
12 / 100 - F
Security Capabilities
12 / 100 - F
F
High Risk · Chinese-owned · Limited US authorization · State ties documented
See AX3000T analysis →
4
Tenda Technology
Tenda - All Models
Chinese-owned New models blocked No active US security team 2 models tracked - all F
Tenda AC23
Shenzhen Tenda Technology is a Chinese-owned router manufacturer with a poor security track record. Tenda has been linked to multiple critical unpatched CVEs and has no active US-facing security response team. New Tenda models are blocked from FCC authorization. The AC19 and AC23 both score zero on security capabilities - they offer no VPN, no network segmentation, no security monitoring, and no automatic updates. Tenda represents the worst security capabilities profile of any brand where we've checked multiple models.
FCC & Ban Risk Score
12 / 100 - F
Security Capabilities
0 / 100 - F
F
High Risk · Chinese-owned · Zero security capabilities · No US support
See AC23 analysis →
5
Mercusys (TP-Link subsidiary)
Mercusys - All Models
Chinese-owned TP-Link subsidiary New models blocked 1 model tracked - F
Mercusys Communications Co. Ltd. is a wholly-owned subsidiary of TP-Link, operating from Shenzhen. It inherits every risk factor of its parent company: Chinese state legal jurisdiction, FCC authorization under review, and the same supply chain concerns that led the FBI and CISA to flag TP-Link. Mercusys markets budget routers that superficially appear to be independent of TP-Link - they are not. The Halo H70X mesh system is essentially TP-Link hardware under a different badge. Treat any Mercusys device exactly like a TP-Link.
FCC & Ban Risk Score
12 / 100 - F
Security Capabilities
19 / 100 - F
F
High Risk · TP-Link subsidiary · Chinese-owned · New models blocked
See Halo H70X analysis →
6
GL Technologies (GL.iNet)
GL.iNet - All Models
Chinese operations HK incorporation FCC authorized 1 model tracked - F
GL.iNet
GL.iNet is technically incorporated in Hong Kong, but all operations and manufacturing take place in Guangzhou, mainland China - placing it squarely under PRC jurisdiction. The brand is popular with the networking enthusiast community for its OpenWrt-based firmware, but technical flexibility doesn't change the legal reality: GL Technologies and its employees are subject to Chinese national intelligence laws. No formal FCC ban order has been issued yet, but the ownership risk is equivalent to any other Shenzhen-based manufacturer. Enthusiast features do not offset state jurisdiction risk.
FCC & Ban Risk Score
12 / 100 - F
Security Capabilities
31 / 100 - D
F
High Risk · Chinese operations (Guangzhou) · PRC jurisdiction applies
See Beryl AX analysis →
7
AT&T (Legacy Gateways)
AT&T NVG589
End of support China-made (Pace) US-owned (AT&T)
AT&T NVG589
The AT&T NVG589 is the worst-scoring ISP gateway in our database. While AT&T itself is a US company, the hardware was manufactured in China by Pace (now CommScope) and is fully past end-of-support - meaning no security patches, no firmware updates, ever again. The device has zero security capabilities in our scoring: no VPN, no segmentation, no monitoring, no auto-updates. With no patches and China supply chain, this gateway is a permanently exploitable device. AT&T no longer supports this model and will assist with replacement if you contact them. See also: AT&T BGW210 and NVG599, which score similarly.
FCC & Ban Risk Score
50 / 100 - C
Security Capabilities
0 / 100 - F
F
High Risk · End-of-support · China-made · Zero security capabilities
See NVG589 analysis →
8
Verizon (Legacy Gateway)
Verizon FiOS G1100
Aging hardware (2016) China-made (Actiontec) US-owned (Verizon)
The Verizon FiOS G1100 is 2016-era hardware that remains extremely common in US homes - it was the default Verizon gateway for years. Manufactured by Actiontec in China, the device is past active support and receives minimal firmware attention. Verizon has largely moved on to newer gateways like the G3100 and CR1000A. The G1100 scores F due to its China manufacturing, near-EOL support status, and minimal security capabilities. If you're still on a G1100, contact Verizon about a free upgrade - many FiOS subscribers qualify. Verizon's newer gateways (G3100, CR1000A) are substantially better.
FCC & Ban Risk Score
50 / 100 - C
Security Capabilities
6 / 100 - F
F
High Risk · 2016 hardware · China-made · Minimal support · Contact Verizon for upgrade
See G1100 analysis →
9
Apple
AirPort Extreme
Discontinued 2019 No security patches ever US company (Apple)
Apple AirPort Extreme
Apple discontinued its entire AirPort router lineup in April 2019 and has never released a security patch since. Any AirPort Extreme still in use is running firmware that is now 7+ years old, with every vulnerability discovered since 2019 permanently unpatched. Apple is a US company with no Chinese jurisdiction risk, which is why this model scores higher than the Chinese-owned brands above it - but a device with zero patches for 7 years is genuinely dangerous regardless of its origin. If you have a AirPort Extreme, replace it. Apple's premium brand doesn't protect a discontinued product.
FCC & Ban Risk Score
50 / 100 - C
Security Capabilities
19 / 100 - F
D
Elevated Risk · Discontinued 2019 · 7+ years without security patches · Replace immediately
See AirPort analysis →
10
Arris / CommScope
Arris SBG10
Aging hardware China-made US-owned (CommScope)
Arris SBG10
The Arris SBG10 is a combination modem-router from CommScope (formerly Arris International), a US company. The device is manufactured in China and is rated as aging hardware with limited ongoing support. No VPN, no network segmentation, no security monitoring - making it near-invisible to the user if it is compromised. While CommScope is a US company with no Chinese state jurisdiction risk, the China manufacturing and minimal security feature set put this device in our bottom 10. Users on cable internet using this device should consider upgrading to a modern modem-router combination.
FCC & Ban Risk Score
50 / 100 - C
Security Capabilities
12 / 100 - F
D
Elevated Risk · China-made · Limited support · Minimal security features
See SBG10 analysis →
How this ranking works: Brands 1–6 score F due to Chinese government legal jurisdiction - manufacturers subject to PRC national intelligence laws score zero on the ownership dimension regardless of their individual security features. Brands 7–10 score F or D due to end-of-life hardware, China manufacturing, and minimal security capabilities. Scores are computed algorithmically - no grades are manually assigned. Read the full methodology →  ·  See the 10 most secure routers →