It's just basic Unix security to always disable root login when it's not absolutely needed. If someone gained access as root (s)he could destroy everything possible on your device, including ruining your firmware, and maybe adjusting voltages to cause hardware failure.

And it's a common thing for script kiddies to run bot networks that scan SSH servers and use various methods for trying to guess the root password.