Response authenticator is not checked, it allows to spoof response from RADIUS server.
vulners.com/securityvulns/securityvulns:doc:6865