The letter is a sign of mounting concerns that Beijing could exploit Chinese-origin routers and other equipment in cyber attacks on American governments and businesses.
The U.S., its allies and Microsoft (MSFT.O), last year disclosed a Chinese government-linked hacking campaign dubbed Volt Typhoon. By taking control of privately owned routers, the attackers sought to hide subsequent attacks on American critical infrastructure.
The vast majority of affected routers, however, appeared to be from Cisco (CSCO.O), and NetGear (NTGR.O), the Justice Department said in January.
Last year, the U.S. Cybersecurity and Infrastructure Agency said TP-Link routers had a vulnerability that could be exploited to execute remote code.
Around the same time, U.S. security company Check Point reported that hackers linked to a Chinese state-sponsored group used a malicious firmware implant for TP-Link to target European foreign affairs officials.
The Commerce Department has broad powers to ban or restrict transactions between U.S. firms and internet, telecom and tech companies from "foreign adversary" nations like China, Russia, Cuba, Iran, North Korea and Venezuela if their products pose a national security risk.