The router should block not successfull login attemps after 5 times (fail count is set to 5). In the event log you can the these attemps but the device is not blocked. I looks like you have unlimited password attemps.
The device is added to the blocked adresses list but you can still try new passwords. I can enter 50 wrong passwords and then the correct password. Login works.....
In this scenario the router is vulnerable for bruteforce attacks.
Can anyone confirm?