WAN side - are these ports really open?

OpenWrt firewall rules and policies are implemented and applied based in the ingress and egress interfaces.

Scanning any local IP from the host itself is performed via the loopback interface using permissive firewall policy and overriding any zone restrictions.

Scanning any router's IP from the LAN is performed via the LAN interface which is attached to the LAN zone and has permissive firewall policy by default.