I’m not super clear on whether OpenWrt actually provides updates to fix hardware-level vulnerabilities, or if it just provides operating system/software-level support.
Once a router reaches EoL and is no longer receiving updates from the vendor, is it ok security-wise to continue using it with the latest version of OpenWrt, or are there likely to be hardware vulnerabilities specific to the router that might not be addressed by OpenWrt?