I found a hack on youtube that exploits this method to unlock everything, which is in the form of a cracked JEI distributed. If you want the full code i can provide it, but i figure it would be better to keep it private.

Feel free to share any information on this issue here. Prestige.NETWORK::sendToServer should be perfectly secure, however it is possible that some validation is missing on one of the packets. Would need more info to find out which one though. Linking to the video would also be appreciated.

https://www.youtube.com/watch?v=YPn95kd53bk

public class ClickKeyEvent {
    public ClickKeyEvent() {
    }

    @SubscribeEvent
    @SideOnly(Side.CLIENT)
    public void onKeyInput(KeyInputEvent event) {
        EntityPlayer player = FMLClientHandler.instance().getClientPlayerEntity();
        if (Loader.isModLoaded("prestige") && KeyBindings.UnlockAllPrestige.func_151468_f()) {
            LinkedList<Reward> values = new LinkedList(Prestige.REGISTRY.values());
            Iterator var4 = values.iterator();

            while(var4.hasNext()) {
                Reward reward = (Reward)var4.next();
                String[] PossibleRewards = new String[]{reward.getIdentifier()};
                Prestige.NETWORK.sendToServer(new PacketGiveRewards(PossibleRewards));
                player.func_145747_a(new TextComponentString(TextFormatting.DARK_RED + "Successfully unlocked " + reward.getIdentifier()));
            }
        }

    }
}

This is the code i grabbed from inside the download link, as you can see it's seemingly grabbing a list of rewards and just sending them through that method. When looking through the jar for new classes, i didn't see any other then this and another event one with empty method bodies, so i am assuming that PacketGiveRewards is your class but i could be wrong.

I was wondering if there is any updates on this?