Dear vanyaindigo,
Hello and I hope that you are well. There is no way to upgrade OpenSSL as it is fully integrated into virtually every aspect of any OpenWRT Build. You could try running OpenWRT 19.07-SNAPSHOTS - found here: https://downloads.openwrt.org/releases/19.07-SNAPSHOT/targets/ and see if they have OpenSSL >= 1.1.1 - or you can build your own OpenWRT Image if you have the skill set. I do not - so I can not begin to help you there.
However, if I were you - I would invest in a router that Davidc502 supports - these are as follows:
Current images built and distributed.
WRT1200ac Version 1 and 2
WRT1900ac Version 1 and 2
WRT1900acs Version 1 and 2
WRT3200acm Version 1
WRT32X Version 1
Personally, I would get the WRT32X - see here : https://www.ebay.com/itm/Linksys-WRT32X-Gaming-Wifi-Router-w-Killer-Prioritization-Certified-Refurb-/292672857686 - they are affordable and you will be always able to ensure that you will be availed of the latest " stable " snapshot repositories as Davidc502 hosts his own Builds on his personal servers. Dave puts out new Builds every two weeks - so you can see the benefit of being able to " keep up " with the latest Kernels, OpenSSL, packages and so on.
Here is Dave's Community Thread : Davidc502- wrt1200ac wrt1900acx wrt3200acm wrt32x builds and his website : https://dc502wrt.org/
For a hundred bucks $100 - you will never be left behind again plus there is great advice and support on the Community Thread and you can even request new packages and features.
Anyway - that is my advice
Dave's Community Thread in addition is frequented by OpenWRT experts and mavens - so that is another distinct benefit of investing in this great piece of hardware that Dave supports.
Peace