Previous research on DNS over HTTPS (DoH) tunnel detection has focused on developing detection Machine Learning (ML) models, emphasizing accuracy and explainability. However, these models have neglected the threat of adversarial attacks, rendering them vulnerable and less robust. Our study reveals that most state-of-the-art DoH tunnel detection models are likely susceptible to adversarial black-box attacks. We adopt a novel approach by adapting the Zeroth Order Optimization (ZOO) attack to support DoH request features. The most constrained adaptation generated adversarial examples for 5 out of 6 DoH public tunnel tools. Our methods have successfully evaded the four most used state-of-the-art tunnel detection architectures. The technique relies on network flows and does not depend on the DoH request format. Thus, researchers can use it to create more robust DoH tunnel classifiers that target similar architectures in different security domains.