"The implementation is trivially security vulnerable otherwise." This is poorly worded. I meant that this causes a spoofing issue in other systems that use the RADIUS accounting information.