It can certainly be done if the devices have their own "public" IP addresses – that is, addresses that every client knows how to reach. That's already how many online services work, if the server has a dedicated IP address then it needs no port-forwarding at all.
But in most cases on home (and small business) internet connections, the ISP only provides one public IPv4 address for the customer's entire network, and that address is assigned to the customer's main router. All other devices (computers, printers, CCTVs) only get "private" addresses that only make sense within the same network.
So in that situation, when the router receives a connection to its IP address, it has no way of knowing which device you meant to connect to – the only information it has is the TCP port number (service), which says nothing about the intended destination device. Your LAN might have 5 or 10 different devices answering to the same port 80 (HTTP).
So "port forwarding" is needed to create a lookup table from TCP port to internal IP address (usually). If the devices have public IP addresses and not internal ones, then port forwarding is not necessary.
(More accurately, port-forwarding is a packet rewriting feature which literally changes the destination address and/or port number inside the packets, but that doesn't say much about why it's needed.)
Recently many ISPs have started adopting IPv6, which has plenty of IP addresses available – allowing each internal device even on a home LAN to have its own publicly reachable address. This again makes port forwarding unnecessary.
(Although on the other hand, you still need to add firewall rules allowing incoming connections – port-forwarding would do this automatically on most routers, but now you need to do it manually, so in the end it's the same amount of configuration...)